Lucene search

Onekeyadmin Security Vulnerabilities

cve

CVE-2023-26948

onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the component /admin1/file/download.

7.5CVSS

7.5AI Score

0.002EPSS

2023-03-09 01:15 AM

cve

CVE-2023-26949

An arbitrary file upload vulnerability in the component /admin1/config/update of onekeyadmin v1.3.9 allows attackers to execute arbitrary code via a crafted PHP file.

9.8CVSS

9.5AI Score

0.003EPSS

2023-03-06 09:15 PM

cve

CVE-2023-26950

onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Title parameter under the Adding Categories module.

5.4CVSS

5.3AI Score

0.001EPSS

2023-03-08 01:15 PM

cve

CVE-2023-26951

onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Member List module.

5.4CVSS

5.3AI Score

0.001EPSS

2023-03-16 01:15 AM

cve

CVE-2023-26952

onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Menu module.

5.4CVSS

5.3AI Score

0.001EPSS

2023-03-08 02:15 PM

cve

CVE-2023-26953

onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Administrator module.

4.8CVSS

5AI Score

0.001EPSS

2023-03-07 03:15 PM

cve

CVE-2023-26956

onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the component /admin1/curd/code.

7.5CVSS

7.5AI Score

0.002EPSS

2023-03-08 07:15 PM

cve

CVE-2023-26957

onekeyadmin v1.3.9 was discovered to contain an arbitrary file delete vulnerability via the component \admin\controller\plugins.

9.1CVSS

9.2AI Score

0.001EPSS

2023-03-09 09:15 PM