CVE-2018-13122
CVE-2018-13122 affects OneFileCMS, specifically the vulnerable onefilecms.php up to version dated 2017-10-08. The issue permits an attacker to delete arbitrary files via the Delete File(s) screen, demonstrated by a URI pattern such as ?i=var/www/html/&f=123.php&p=edit&p=deletefile. Root cause ide...