Medium severity6.5NVD Advisory· Published Jul 3, 2018· Updated Jun 17, 2026

CVE-2018-13122

Description

onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to delete arbitrary files via the Delete File(s) screen, as demonstrated by a ?i=var/www/html/&f=123.php&p=edit&p=deletefile URI.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Onefilecms/Onefilecmsinferred
Range: <=2017-10-08
Self Evident/OneFileCMSllm-fuzzy
Range: through 2017-10-08

Patches

Vulnerability mechanics

References

github.com/Self-Evident/OneFileCMS/issues/49nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.423
epss	0.001
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000