Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cmsmadesimple cms made simple vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2018-9921
In CMS Made Simple 2.2.7, a Directory Traversal issue makes it possible to determine the existence of files and directories outside the web-site installation directory, and determine whether a file has contents matching a specified checksum. The attack uses an admin/checksum.php?...
Cmsmadesimple Cms Made Simple 2.2.7
5
CVSSv2
CVE-2018-10081
CMS Made Simple (CMSMS) up to and including 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0e" substring.
Cmsmadesimple Cms Made Simple
5
CVSSv2
CVE-2018-10082
CMS Made Simple (CMSMS) up to and including 2.2.7 allows physical path leakage via an invalid /index.php?page= value, a crafted URI starting with /index.php?mact=Search, or a direct request to /admin/header.php, /admin/footer.php, /lib/tasks/class.ClearCache.task.php, or /lib/tas...
Cmsmadesimple Cms Made Simple
5
CVSSv2
CVE-2017-17734
CMS Made Simple (CMSMS) prior to 2.2.5 does not properly cache login information in sessions.
Cmsmadesimple Cms Made Simple
5
CVSSv2
CVE-2017-17735
CMS Made Simple (CMSMS) prior to 2.2.5 does not properly cache login information in cookies.
Cmsmadesimple Cms Made Simple
5
CVSSv2
CVE-2017-6071
CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote malicious users to conduct information-disclosure attacks via exportxml.
Cmsmadesimple Form Builder
Cmsmadesimple Cms Made Simple
5
CVSSv2
CVE-2017-6072
CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote malicious users to conduct information-disclosure attacks via defaultadmin.
Cmsmadesimple Form Builder
Cmsmadesimple Cms Made Simple
5
CVSSv2
CVE-2011-3718
CMS Made Simple (CMSMS) 1.9.2 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/TinyMCE/TinyMCE.module.php and certain other files. NOTE: this migh...
Cmsmadesimple Cms Made Simple 1.9.2
5
CVSSv2
CVE-2008-5642
Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote malicious users to read arbitrary files via a .. (dot dot) in a cms_language cookie.
Cmsmadesimple Cms Made Simple 1.4.1
1 EDB exploit
5
CVSSv2
CVE-2007-5444
CMS Made Simple 1.1.3.1 allows remote malicious users to obtain the full path via a direct request for unspecified files.
Cmsmadesimple Cms Made Simple 1.1.3.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »