RSS   Vulnerabilities for 'Onefilecms'   RSS

2019-02-17
 
CVE-2019-8408

CWE-20
 
 
OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by clicking the Copy button twice.

 
2018-07-03
 
CVE-2018-13122

CWE-732
 
 
onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to delete arbitrary files via the Delete File(s) screen, as demonstrated by a ?i=var/www/html/&f=123.php&p=edit&p=deletefile URI.

 

Copyright 2024, cxsecurity.com

 

Back to Top