Onethird CMS
by Onethird
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-2124 | Med | 0.40 | 6.1 | 0.01 | Apr 28, 2017 | Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via contact.php. | ||
| CVE-2017-2123 | Med | 0.40 | 6.1 | 0.01 | Apr 28, 2017 | Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via language.php. | ||
| CVE-2017-10907 | Med | 0.28 | 4.3 | 0.01 | Dec 22, 2017 | Directory traversal vulnerability in OneThird CMS Show Off v1.85 and earlier. Show Off v1.85 en and earlier allows an attacker to read arbitrary files via unspecified vectors. |
- risk 0.40cvss 6.1epss 0.01
Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via contact.php.
- risk 0.40cvss 6.1epss 0.01
Cross-site scripting vulnerability in OneThird CMS v1.73 Heaven's Door and earlier allows remote attackers to inject arbitrary web script or HTML via language.php.
- risk 0.28cvss 4.3epss 0.01
Directory traversal vulnerability in OneThird CMS Show Off v1.85 and earlier. Show Off v1.85 en and earlier allows an attacker to read arbitrary files via unspecified vectors.