Every CVE whose affected-product data names Insane Visions Onecms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (3)
CVE-2007-5016 — CVSS 7.5 (high): SQL injection vulnerability in userreviews.php in OneCMS 2.4 allows remote attackers to execute arbitrary SQL commands via the abc…
CVE-2008-7209 — CVSS 7.5 (high): Unrestricted file upload vulnerability in the add2 action in a_upload.php in OneCMS 2.4, and possibly earlier, allows remote attackers to…
CVE-2008-7208 — CVSS 6.8 (medium): Multiple SQL injection vulnerabilities in OneCMS 2.4, and possibly earlier, allow remote attackers to execute arbitrary SQL commands via…