Lucene search

Onefilecms Security Vulnerabilities

cve

CVE-2019-8408

OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by clicking the Copy button...

4.9CVSS

5.2AI Score

0.001EPSS

2019-02-17 06:29 PM

cve

CVE-2018-13123

onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via the i and f parameters, as demonstrated by ?i=etc/&f=passwd&p=raw_view for the /etc/passwd...

9.8CVSS

9.2AI Score

0.002EPSS

2018-07-03 10:29 PM

cve

CVE-2018-13122

onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to delete arbitrary files via the Delete File(s) screen, as demonstrated by a ?i=var/www/html/&f=123.php&p=edit&p=deletefile...

6.5CVSS

6.5AI Score

0.001EPSS

2018-07-03 10:29 PM

cve

CVE-2018-12995

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the Upload...

8.8CVSS

8.8AI Score

0.001EPSS

2018-06-29 12:29 PM

cve

CVE-2018-12994

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the New File...

8.8CVSS

8.8AI Score

0.001EPSS

2018-06-29 12:29 PM

cve

CVE-2018-12993

onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to conduct brute-force attacks via the onefilecms_username and onefilecms_password...

9.8CVSS

9.2AI Score

0.007EPSS

2018-06-29 12:29 PM