Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cmsmadesimple vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2011-3718
CMS Made Simple (CMSMS) 1.9.2 allows remote malicious users to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by modules/TinyMCE/TinyMCE.module.php and certain other files. NOTE: this migh...
Cmsmadesimple Cms Made Simple 1.9.2
5
CVSSv2
CVE-2008-5642
Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote malicious users to read arbitrary files via a .. (dot dot) in a cms_language cookie.
Cmsmadesimple Cms Made Simple 1.4.1
1 EDB exploit
3.5
CVSSv2
CVE-2017-7256
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_summary parameter. Someone must login to conduct the attack.
Cmsmadesimple Cms Made Simple 2.1.6
6.5
CVSSv2
CVE-2017-8912
CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions. NOTE: the vendor reportedly has stated this is "a feature, not ...
Cmsmadesimple Cms Made Simple 2.1.6
1 EDB exploit
4.3
CVSSv2
CVE-2022-23907
CMS Made Simple v2.2.15 exists to contain a reflected cross-site scripting (XSS) vulnerability via the parameter m1_fmmessage.
Cmsmadesimple Cms Made Simple 2.2.15
3.5
CVSSv2
CVE-2019-17226
CMS Made Simple (CMSMS) 2.2.11 allows XSS via the Site Admin > Module Manager > Search Term field.
Cmsmadesimple Cms Made Simple 2.2.11
3.5
CVSSv2
CVE-2020-23240
Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature.
Cmsmadesimple Cms Made Simple 2.2.14
3.5
CVSSv2
CVE-2020-23241
Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News > Article" feature.
Cmsmadesimple Cms Made Simple 2.2.14
3.5
CVSSv2
CVE-2020-27377
A cross-site scripting (XSS) vulnerability exists in the Administrator panel on the 'Setting News' module on CMS Made Simple 2.2.14 which allows an malicious user to execute arbitrary web scripts.
Cmsmadesimple Cms Made Simple 2.2.14
4.3
CVSSv2
CVE-2018-18271
XSS exists in CMS Made Simple version 2.2.7 via the m1_extra parameter in an admin/moduleinterface.php "Content-->News-->Add Article" action.
Cmsmadesimple Cms Made Simple 2.2.7
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304
CVE-2024-4240
arbitrary
CVE-2024-31601
XSS
CVE-2023-20198
CVE-2024-4256
CVE-2024-3342
encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »