CVE-2023-26951
- EPSS 0.11%
- Veröffentlicht 16.03.2023 01:15:46
- Zuletzt bearbeitet 21.11.2024 07:52:06
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Member List module.
CVE-2023-26957
- EPSS 0.08%
- Veröffentlicht 09.03.2023 21:15:10
- Zuletzt bearbeitet 05.03.2025 19:15:32
onekeyadmin v1.3.9 was discovered to contain an arbitrary file delete vulnerability via the component \admin\controller\plugins.
CVE-2023-26948
- EPSS 0.09%
- Veröffentlicht 09.03.2023 01:15:10
- Zuletzt bearbeitet 28.02.2025 17:15:14
onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the component /admin1/file/download.
CVE-2023-26956
- EPSS 0.09%
- Veröffentlicht 08.03.2023 19:15:11
- Zuletzt bearbeitet 05.03.2025 19:15:32
onekeyadmin v1.3.9 was discovered to contain an arbitrary file read vulnerability via the component /admin1/curd/code.
CVE-2023-26952
- EPSS 0.1%
- Veröffentlicht 08.03.2023 14:15:09
- Zuletzt bearbeitet 03.03.2025 16:15:37
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Menu module.
CVE-2023-26950
- EPSS 0.1%
- Veröffentlicht 08.03.2023 13:15:10
- Zuletzt bearbeitet 05.03.2025 19:15:31
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Title parameter under the Adding Categories module.
CVE-2023-26953
- EPSS 0.09%
- Veröffentlicht 07.03.2023 15:15:11
- Zuletzt bearbeitet 04.03.2025 20:15:36
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Administrator module.
CVE-2023-26949
- EPSS 0.15%
- Veröffentlicht 06.03.2023 21:15:11
- Zuletzt bearbeitet 21.11.2024 07:52:05
An arbitrary file upload vulnerability in the component /admin1/config/update of onekeyadmin v1.3.9 allows attackers to execute arbitrary code via a crafted PHP file.