CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Local file inclusion vulnerability in OneThird CMS v1.96c and earlier allows a remote unauthenticated attacker to execute arbitrary code or obtain sensitive information via unspecified vectors...

9.8CVSS7.9AI score0.03091EPSS

Exploits0References1

Japan Vulnerability Notes•added 2020/10/21 6:21 a.m.•1 views

Local File Inclusion vulnerability in OneThird CMS

Overview OneThird CMS provided SpiQe Software is a content management system CMS. OneThird CMS contains a Local File Inclusion vulnerability CWE-98. Impact Sensitive information may be obtained or arbitrary code may be executed by an unauthenticated remote attacker. Solution Update the Software...

9.8CVSS7.4AI score0.03091EPSS

Exploits0References5

NVD•added 2020/10/20 8:15 a.m.•9 views

CVE-2020-5640

Local file inclusion vulnerability in OneThird CMS v1.96c and earlier allows a remote unauthenticated attacker to execute arbitrary code or obtain sensitive information via unspecified vectors...

9.8CVSS0.03091EPSS

Exploits0References2

Prion•added 2020/10/20 8:15 a.m.•9 views

Remote file inclusion

Local file inclusion vulnerability in OneThird CMS v1.96c and earlier allows a remote unauthenticated attacker to execute arbitrary code or obtain sensitive information via unspecified vectors...

7.5CVSS9.5AI score0.03091EPSS

Exploits0References2Affected Software1

CVE•added 2020/10/20 7:55 a.m.•40 views

CVE-2020-5640

OneThird CMS Local File Inclusion (CVE-2020-5640) affects v1.96c and earlier. An unauthenticated remote attacker can cause arbitrary code execution or disclose sensitive data via unspecified vectors due to local file inclusion. Remediation: upgrade to v1.96d (as cited by multiple sources) or appl...

9.8CVSS9.5AI score0.03091EPSS

Exploits0References2Affected Software1

NVD•added 2017/12/22 2:29 p.m.•10 views

CVE-2017-10907

Directory traversal vulnerability in OneThird CMS Show Off v1.85 and earlier. Show Off v1.85 en and earlier allows an attacker to read arbitrary files via unspecified vectors...

4.3CVSS4.6AI score0.03104EPSS

Exploits0References2

Prion•added 2017/12/22 2:29 p.m.•9 views

Directory traversal

Directory traversal vulnerability in OneThird CMS Show Off v1.85 and earlier. Show Off v1.85 en and earlier allows an attacker to read arbitrary files via unspecified vectors...

4CVSS4.5AI score0.03104EPSS

Exploits0References2Affected Software1

Cvelist•added 2017/12/22 2:0 p.m.•15 views

CVE-2017-10907

Directory traversal vulnerability in OneThird CMS Show Off v1.85 and earlier. Show Off v1.85 en and earlier allows an attacker to read arbitrary files via unspecified vectors...

4.5AI score0.03104EPSS

Exploits0References2

CVE•added 2017/12/22 2:0 p.m.•48 views

CVE-2017-10907

CVE-2017-10907 concerns a directory traversal in OneThird CMS Show Off prior to version 1.85. The JVN entries specify that an authenticated attacker with editing privileges can delete arbitrary files on the server, implying the vulnerability affects the Show Off component of OneThird CMS (Show Of...

4.3CVSS4.5AI score0.03104EPSS

Exploits0References2Affected Software1

Japan Vulnerability Notes•added 2017/12/19 4:48 a.m.•2 views

OneThird CMS vulnerable to directory traversal

Overview OneThird CMS provided by SpiQe Software is a Contents Management System CMS. OneThird CMS contains a directory traversal vulnerability CWE-22. Yuji Tounai of NTT Communications Corporation reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information...

5CVSS6.7AI score0.03104EPSS

Exploits0References5

Japan Vulnerability Notes•added 2017/12/19 12:0 a.m.•81 views

JVN#93333702: OneThird CMS vulnerable to directory traversal

OneThird CMS provided by SpiQe Software is a Contents Management System CMS. OneThird CMS contains a directory traversal vulnerability CWE-22. Impact An authenticated atacker with editing privileges may delete arbitrary files on the server. Solution Update the Software Update to the latest versio...

4.3CVSS4.6AI score0.03104EPSS

Exploits0

CNVD•added 2017/05/03 12:0 a.m.•0 views

OneThird CMS Cross-Site Scripting Vulnerability (CNVD-2017-06227)

OneThird CMS is a lightweight content management system CMS for web application frameworks. A cross-site scripting vulnerability exists in the contact.php file in OneThird CMS 1.73 and earlier versions. A remote attacker can exploit this vulnerability to inject arbitrary web script or HTML...

6.1CVSS6.1AI score0.00271EPSS

Exploits0References1

OSV•added 2017/04/28 4:59 p.m.•2 views

CVE-2017-2124

Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via contact.php...

6.1CVSS5.9AI score

Exploits0References3

NVD•added 2017/04/28 4:59 p.m.•9 views

CVE-2017-2124

Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via contact.php...

6.1CVSS6.2AI score0.00271EPSS

Exploits0References3

NVD•added 2017/04/28 4:59 p.m.•10 views

CVE-2017-2123

Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via language.php...

6.1CVSS6.2AI score0.00324EPSS

Exploits0References3

Prion•added 2017/04/28 4:59 p.m.•7 views

Cross site scripting

Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via contact.php...

4.3CVSS6.1AI score0.00271EPSS

Exploits0References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by