CVE-2017-10907
MEDIUMOneThird CMS Show Off < 1.85 - Path Traversal and Arbitrary File Read
Title source: llmDescription
Directory traversal vulnerability in OneThird CMS Show Off v1.85 and earlier. Show Off v1.85 en and earlier allows an attacker to read arbitrary files via unspecified vectors.
References (2)
Core 2
Core References
Third Party Advisory, VDB Entry third-party-advisory
x_refsource_jvn
https://jvn.jp/en/jp/JVN93333702/index.html
Vendor Advisory x_refsource_confirm
https://onethird.net/en/p1307.html
Scores
CVSS v3
4.3
EPSS
0.0118
EPSS Percentile
64.0%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Details
CWE
CWE-22
Status
published
Products (3)
spiqe/onethird_cms_show_off
< 1.85
SpiQe Software/OneThird CMS
Show Off v1.85 and earlier
SpiQe Software/OneThird CMS
Show Off v1.85 en and earlier
Published
Dec 22, 2017
Tracked Since
Feb 18, 2026