2 matches found
CVE-2018-13123
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via the i and f parameters, as demonstrated by ?i=etc/&f=passwd&p=rawview for the /etc/passwd file...
CVE-2018-13123
CVE-2018-13123 affects OneFileCMS; onefilecms.php from 2017-10-08 and earlier versions allows reading arbitrary files via i and f parameters (e.g., ?i=etc/&f=passwd&p=raw_view for /etc/passwd). Public sources (NVD/CNVD/CVE records) describe the vulnerability and affected version window but do not...