Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cms made simple vulnerabilities and exploits
(subscribe to this query)
3.5
CVSSv2
CVE-2018-8058
CMS Made Simple (CMSMS) 2.2.6 has XSS in admin/moduleinterface.php via the pagedata parameter.
Cmsmadesimple Cms Made Simple 2.2.6
4.3
CVSSv2
CVE-2017-9668
In admin\addgroup.php in CMS Made Simple 2.1.6, when adding a user group, there is no XSS filtering, resulting in storage-type XSS generation, via the description parameter in an addgroup action.
Cmsmadesimple Cms Made Simple 2.1.6
NA
CVE-2023-43872
A File upload vulnerability in CMSmadesimple v.2.2.18 allows a local malicious user to upload a pdf file with hidden Cross Site Scripting (XSS).
Cmsmadesimple Cms Made Simple 2.2.18
6.8
CVSSv2
CVE-2019-9053
An issue exists in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1_idlist parameter.
Cmsmadesimple Cms Made Simple 2.2.8
1 EDB exploit
40 Github repositories
6.5
CVSSv2
CVE-2019-9056
An issue exists in CMS Made Simple 2.2.8. In the module FrontEndUsers (in the file class.FrontEndUsersManipulate.php or class.FrontEndUsersManipulator.php), it is possible to reach an unserialize call with an untrusted __FEU__ cookie, and achieve authenticated object injection.
Cmsmadesimple Cms Made Simple 2.2.8
6.8
CVSSv2
CVE-2007-0610
Cross-site scripting (XSS) vulnerability in the mailform feature in CMSimple 2.7 fix1 allows remote malicious users to inject arbitrary web script or HTML via the sender parameter. NOTE: The provenance of this information is unknown; the details are obtained solely from third par...
Cmsmadesimple Cms Made Simple 2.7
NA
CVE-2023-43339
Cross-Site Scripting (XSS) vulnerability in cmsmadesimple v.2.2.18 allows a local malicious user to execute arbitrary code via a crafted payload injected into the Database Name, DataBase User or Database Port components.
Cmsmadesimple Cms Made Simple 2.2.18
NA
CVE-2023-43353
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local malicious user to execute arbitrary code via a crafted script to the extra parameter in the news menu component.
Cmsmadesimple Cms Made Simple 2.2.18
NA
CVE-2023-43354
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local malicious user to execute arbitrary code via a crafted script to the Profiles parameter in the Extensions -MicroTiny WYSIWYG editor component.
Cmsmadesimple Cms Made Simple 2.2.18
NA
CVE-2023-43355
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local malicious user to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component.
Cmsmadesimple Cms Made Simple 2.2.18
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »