Arbitrary File Read Vulnerability in OneFileCMS through 2017-10-08

Arbitrary File Read Vulnerability in OneFileCMS through 2017-10-08

CVE-2018-13123 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

onefilecms.php in OneFileCMS through 2017-10-08 might allow attackers to read arbitrary files via the i and f parameters, as demonstrated by ?i=etc/&f=passwd&p=raw_view for the /etc/passwd file.

Learn more about our Cms Pen Testing.