Vulnerabilities > Onefilecms > High

DATE CVE VULNERABILITY TITLE RISK
2018-06-29 CVE-2018-12995 Code Injection vulnerability in Onefilecms
onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the Upload screen.
network
low complexity
onefilecms CWE-94
8.8
8.8
2018-06-29 CVE-2018-12994 Code Injection vulnerability in Onefilecms
onefilecms.php in OneFileCMS through 2012-04-14 might allow attackers to execute arbitrary PHP code via a .php filename on the New File screen.
network
low complexity
onefilecms CWE-94
8.8
8.8