cms made simple vulnerabilities and exploits

6.8
CVSSv2
CVE-2018-10030

CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/siteprefs.php....

6.8
CVSSv2
CVE-2018-10031

CMS Made Simple (aka CMSMS) 2.2.7 has CSRF in admin/moduleinterface.php....

3.5
CVSSv2
CVE-2018-5965

CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via the m1_errors parameter....

3.5
CVSSv2
CVE-2018-5963

CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/addbookmark.php via the title parameter....

5
CVSSv2
CVE-2017-17734

CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in sessions....

3.5
CVSSv2
CVE-2018-8058

CMS Made Simple (CMSMS) 2.2.6 has XSS in admin/moduleinterface.php via the pagedata parameter....

4.3
CVSSv2
CVE-2017-16784

In CMS Made Simple 2.2.2, there is Reflected XSS via the cntnt01detailtemplate parameter....

5
CVSSv2
CVE-2017-17735

CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in cookies....

7.5
CVSSv2
CVE-2017-16783

In CMS Made Simple 2.1.6, there is Server-Side Template Injection via the cntnt01detailtemplate parameter....

3.5
CVSSv2
CVE-2018-5964

CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via the m1_messages parameter....