2 matches found
CVE-2018-12995
onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the Upload screen...
CVE-2018-12995
OneFileCMS is affected by CVE-2018-12995 through its onefilecms.php file. The vulnerability enables arbitrary PHP code execution by submitting a .php filename on the Upload screen, affecting versions up to 2012-04-14. The root cause is improper handling of uploaded filenames, allowing execution o...