Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cms made simple vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-43355
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local malicious user to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component.
Cmsmadesimple Cms Made Simple 2.2.18
NA
CVE-2023-43356
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local malicious user to execute arbitrary code via a crafted script to the Global Meatadata parameter in the Global Settings Menu component.
Cmsmadesimple Cms Made Simple 2.2.18
NA
CVE-2023-43357
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local malicious user to execute arbitrary code via a crafted script to the Title parameter in the Manage Shortcuts component.
Cmsmadesimple Cms Made Simple 2.2.18
NA
CVE-2023-43358
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local malicious user to execute arbitrary code via a crafted script to the Title parameter in the News Menu component.
Cmsmadesimple Cms Made Simple 2.2.18
NA
CVE-2023-43359
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local malicious user to execute arbitrary code via a crafted script to the Page Specific Metadata and Smarty data parameters in the Content Manager Menu component.
Cmsmadesimple Cms Made Simple 2.2.18
NA
CVE-2023-43360
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local malicious user to execute arbitrary code via a crafted script to the Top Directory parameter in the File Picker Menu component.
Cmsmadesimple Cms Made Simple 2.2.18
7.5
CVSSv2
CVE-2017-16783
In CMS Made Simple 2.1.6, there is Server-Side Template Injection via the cntnt01detailtemplate parameter.
Cmsmadesimple Cms Made Simple 2.1.6
4.3
CVSSv2
CVE-2017-16784
In CMS Made Simple 2.2.2, there is Reflected XSS via the cntnt01detailtemplate parameter.
Cmsmadesimple Cms Made Simple 2.2.2
6.5
CVSSv2
CVE-2017-8912
CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions. NOTE: the vendor reportedly has stated this is "a feature, not ...
Cmsmadesimple Cms Made Simple 2.1.6
1 EDB exploit
5
CVSSv2
CVE-2008-5642
Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote malicious users to read arbitrary files via a .. (dot dot) in a cms_language cookie.
Cmsmadesimple Cms Made Simple 1.4.1
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »