Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
getsimple cms vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2018-17835
An issue exists in GetSimple CMS 3.3.15. An administrator can insert stored XSS via the admin/settings.php Custom Permalink Structure parameter, which injects the XSS payload into any page created at the admin/pages.php URI.
Get-simple Getsimple Cms 3.3.15
435
VMScore
CVE-2018-9173
Cross-site scripting (XSS) vulnerability in admin/template/js/uploadify/uploadify.swf in GetSimple CMS 3.3.13 allows remote malicious users to inject arbitrary web script or HTML, as demonstrated by the movieName parameter.
Get-simple Getsimple Cms 3.3.13
1 EDB exploit
445
VMScore
CVE-2014-8723
GetSimple CMS 3.3.4 allows remote malicious users to obtain sensitive information via a direct request to (1) plugins/anonymous_data.php or (2) plugins/InnovationPlugin.php, which reveals the installation path in an error message.
Get-simple Getsimple Cms 3.3.4
435
VMScore
CVE-2010-5052
Cross-site scripting (XSS) vulnerability in admin/components.php in GetSimple CMS 2.01 allows remote malicious users to inject arbitrary web script or HTML via the val[] parameter.
Get-simple Getsimple Cms 2.01
1 EDB exploit
435
VMScore
CVE-2010-4863
Cross-site scripting (XSS) vulnerability in admin/changedata.php in GetSimple CMS 2.01 allows remote malicious users to inject arbitrary web script or HTML via the post-title parameter.
Get-simple Getsimple Cms 2.01
1 EDB exploit
605
VMScore
CVE-2018-17103
An issue exists in GetSimple CMS v3.3.13. There is a CSRF vulnerability that can change the administrator's password via admin/settings.php. NOTE: The vendor reported that the PoC was sending a value for the nonce parameter
Get-simple Getsimple Cms 3.3.13
312
VMScore
CVE-2019-16333
GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting (XSS) in admin/theme-edit.php.
Get-simple Getsimple Cms 3.3.15
435
VMScore
CVE-2014-1603
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.3.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) param parameter to admin/load.php or (2) user, (3) email, or (4) name parameter in a Save Settings action to admin/settings.p...
Get-simple Getsimple Cms 3.3.1
1 EDB exploit
312
VMScore
CVE-2018-15843
GetSimple CMS 3.3.14 has XSS via the admin/edit.php "Add New Page" field.
Get-simple Getsimple Cms 3.3.14
1 Github repository
383
VMScore
CVE-2018-16325
There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field.
Get-simple Getsimple Cms 3.4.0.9
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »