CVE-2017-10907

MEDIUM

OneThird CMS Show Off < 1.85 - Path Traversal and Arbitrary File Read

Title source: llm
STIX 2.1

Description

Directory traversal vulnerability in OneThird CMS Show Off v1.85 and earlier. Show Off v1.85 en and earlier allows an attacker to read arbitrary files via unspecified vectors.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry third-party-advisory x_refsource_jvn
https://jvn.jp/en/jp/JVN93333702/index.html
Vendor Advisory x_refsource_confirm
https://onethird.net/en/p1307.html

Scores

CVSS v3 4.3
EPSS 0.0118
EPSS Percentile 64.0%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Details

CWE
CWE-22
Status published
Products (3)
spiqe/onethird_cms_show_off < 1.85
SpiQe Software/OneThird CMS Show Off v1.85 and earlier
SpiQe Software/OneThird CMS Show Off v1.85 en and earlier
Published Dec 22, 2017
Tracked Since Feb 18, 2026