Onefilecms
by Jbroadway
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-12993 | Cri | 0.64 | 9.8 | 0.01 | Jun 29, 2018 | onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to conduct brute-force attacks via the onefilecms_username and onefilecms_password fields. | ||
| CVE-2018-12995 | Hig | 0.57 | 8.8 | 0.01 | Jun 29, 2018 | onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the Upload screen. | ||
| CVE-2019-8408 | 0.00 | — | 0.01 | Feb 17, 2019 | OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by clicking the Copy button twice. |
- risk 0.64cvss 9.8epss 0.01
onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to conduct brute-force attacks via the onefilecms_username and onefilecms_password fields.
- risk 0.57cvss 8.8epss 0.01
onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the Upload screen.
- CVE-2019-8408Feb 17, 2019risk 0.00cvss —epss 0.01
OneFileCMS 3.6.13 allows remote attackers to modify onefilecms.php by clicking the Copy button twice.