OneFileCMS
OneFileCMS copied to clipboard
Self-Evident
A single file cms - all in one file!
1. Enter the page using the default username and password.  2. Click "New File" to create a new file named test.php.  3. The content of test.php is ``...
Got asked by a friend yesterday what's wrong with the script, why isn't it working. So I checked it and found out that this array syntax seems not to work...
1.Access http://127.0.0.1/OneFileCMS-master/onefilecms.php by username/password , then click 'OneFileCMS-master'.  2.Then click 'onefilecms.php'.  3.You can see that there is no permission to edit 'onefilecms.php'. And then click 'copy'.  4.Nothing...
onefilecms.php in OneFileCMS through 2017-10-09 might allow attackers to access some secret file like passwd access `http://fragrant:30001/OneFileCMS/onefilecms.php?i=etc/&f=passwd&p=raw_view` 
access http://fragrant:30001/OneFileCMS/onefilecms.php by username/password  access http://fragrant:30001/OneFileCMS/onefilecms.php?i=var/www/html/&f=123.php&p=edit&p=deletefile  Click `Delete File(s)` 
access http://fragrant:30001/OneFileCMS/onefilecms.php by username/password  Click `Upload File` -> abc.php -> `Browse` -> select abc.php -> Click `Upload`   access http://fragrant:30001/abc.php 
onefilecms.php in OneFileCMS through 2017-10-09 might allow attackers to execute arbitrary PHP code via xxx .php filename on the New File screen access http://fragrant:30001/OneFileCMS/onefilecms.php by username/password  Click `New File`...
Hello, after the Login the Interface show me: ``` ( ! ) $DEFAULT_PATH must be a decendant of, or equal to, $ACCESS_ROOT $ACCESS_ROOT = home/admin/web/xxx.de/public_html/test/ $DEFAULT_PATH = home/admin/web/xxx.de/public_html/test/ Warning: scandir(./home/admin/web/xxx.de/public_html/test/):...
