Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cmsmadesimple cms made simple vulnerabilities and exploits
(subscribe to this query)
435
VMScore
CVE-2005-3083
Cross-site scripting (XSS) vulnerability in index.php in CMS Made Simple 0.10 allows remote malicious users to inject arbitrary web script or HTML via the page parameter.
Cmsmadesimple Cms Made Simple 0.10
1 EDB exploit
312
VMScore
CVE-2020-36408
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module.
Cmsmadesimple Cms Made Simple 2.2.14
312
VMScore
CVE-2020-36409
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module.
Cmsmadesimple Cms Made Simple 2.2.14
312
VMScore
CVE-2020-36412
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the "Search Text" field under the "Admin Search" module.
Cmsmadesimple Cms Made Simple 2.2.14
312
VMScore
CVE-2020-36413
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter under...
Cmsmadesimple Cms Made Simple 2.2.14
312
VMScore
CVE-2020-36414
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the "URL (slug)" or "Extra" fields under the "Add Article" feature...
Cmsmadesimple Cms Made Simple 2.2.14
312
VMScore
CVE-2020-36416
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated malicious users to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Design" parameter under the "Designs" module.
Cmsmadesimple Cms Made Simple 2.2.14
505
VMScore
CVE-2008-5642
Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote malicious users to read arbitrary files via a .. (dot dot) in a cms_language cookie.
Cmsmadesimple Cms Made Simple 1.4.1
1 EDB exploit
856
VMScore
CVE-2018-7448
Remote code execution vulnerability in /cmsms-2.1.6-install.php/index.php in CMS Made Simple version 2.1.6 allows remote malicious users to inject arbitrary PHP code via the "timezone" parameter in step 4 of a fresh installation procedure.
Cmsmadesimple Cms Made Simple 2.1.6
1 EDB exploit
2 Github repositories
312
VMScore
CVE-2019-10017
CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, which is reachable via an "Add a new Profile" action to the File Picker.
Cmsmadesimple Cms Made Simple 2.2.10
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23316
SQL injection
type confusion
CVE-2024-20697
CVE-2024-4344
local
CVE-2024-30043
CVE-2024-3821
CVE-2024-5041
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »