PT-2019-19016 · Onefilecms · Onefilecms

R00Tse7En

Published

2019-02-17

Updated

2020-08-24

CVE-2019-8408

CVSS v3.1

4.9

Medium

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N

Name of the Vulnerable Software and Affected Versions OneFileCMS version 3.6.13

Description The issue allows remote attackers to modify onefilecms.php by clicking the Copy button twice.

Recommendations For OneFileCMS version 3.6.13, consider disabling the Copy button functionality in onefilecms.php until a patch is available to prevent modification by remote attackers.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2019-8408

Affected Products

Onefilecms

PT-2019-19016 · Onefilecms · Onefilecms

CVE-2019-8408

Related Identifiers

Affected Products

References · 3