Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
onefilecms onefilecms vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-12993
onefilecms.php in OneFileCMS through 2012-04-14 might allow malicious users to conduct brute-force attacks via the onefilecms_username and onefilecms_password fields.
Onefilecms Onefilecms
6.5
CVSSv2
CVE-2018-12994
onefilecms.php in OneFileCMS through 2012-04-14 might allow malicious users to execute arbitrary PHP code via a .php filename on the New File screen.
Onefilecms Onefilecms
6.5
CVSSv2
CVE-2018-12995
onefilecms.php in OneFileCMS through 2012-04-14 might allow malicious users to execute arbitrary PHP code via a .php filename on the Upload screen.
Onefilecms Onefilecms
5.5
CVSSv2
CVE-2018-13122
onefilecms.php in OneFileCMS through 2017-10-08 might allow malicious users to delete arbitrary files via the Delete File(s) screen, as demonstrated by a ?i=var/www/html/&f=123.php&p=edit&p=deletefile URI.
Onefilecms Onefilecms
5
CVSSv2
CVE-2018-13123
onefilecms.php in OneFileCMS through 2017-10-08 might allow malicious users to read arbitrary files via the i and f parameters, as demonstrated by ?i=etc/&f=passwd&p=raw_view for the /etc/passwd file.
Onefilecms Onefilecms
4
CVSSv2
CVE-2019-8408
OneFileCMS 3.6.13 allows remote malicious users to modify onefilecms.php by clicking the Copy button twice.
Onefilecms Onefilecms 3.6.13
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
brute force
CVE-2024-24908
open redirect
CVE-2024-31497
CVE-2023-45866
CVE-2024-4135
CVE-2024-25523
cache poisoning
CVE-2024-4649
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started