CMS
by Onethird
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-5640 | Cri | 0.64 | 9.8 | 0.02 | Oct 20, 2020 | Local file inclusion vulnerability in OneThird CMS v1.96c and earlier allows a remote unauthenticated attacker to execute arbitrary code or obtain sensitive information via unspecified vectors. | ||
| CVE-2017-2124 | Med | 0.40 | 6.1 | 0.01 | Apr 28, 2017 | Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via contact.php. | ||
| CVE-2017-2123 | Med | 0.40 | 6.1 | 0.01 | Apr 28, 2017 | Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via language.php. | ||
| CVE-2017-10907 | Med | 0.28 | 4.3 | 0.01 | Dec 22, 2017 | Directory traversal vulnerability in OneThird CMS Show Off v1.85 and earlier. Show Off v1.85 en and earlier allows an attacker to read arbitrary files via unspecified vectors. |
- risk 0.64cvss 9.8epss 0.02
Local file inclusion vulnerability in OneThird CMS v1.96c and earlier allows a remote unauthenticated attacker to execute arbitrary code or obtain sensitive information via unspecified vectors.
- risk 0.40cvss 6.1epss 0.01
Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via contact.php.
- risk 0.40cvss 6.1epss 0.01
Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via language.php.
- risk 0.28cvss 4.3epss 0.01
Directory traversal vulnerability in OneThird CMS Show Off v1.85 and earlier. Show Off v1.85 en and earlier allows an attacker to read arbitrary files via unspecified vectors.