Every CVE whose affected-product data names Insanevisions Onecms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2008-2482 — CVSS 7.5 (high): Directory traversal vulnerability in install_mod.php in insanevisions OneCMS 2.5 allows remote attackers to include and execute arbitrary…
CVE-2008-6652 — CVSS 7.5 (high): SQL injection vulnerability in asd.php in OneCMS 2.5 allows remote attackers to execute arbitrary SQL commands via the sitename parameter.
CVE-2010-0952 — CVSS 6.8 (medium): SQL injection vulnerability in index.php in OneCMS 2.5, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL…
CVE-2010-4877 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in index.php in OneCMS 2.6.1 allows remote attackers to inject arbitrary web script or HTML via…