Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cms made simple cms made simple 1.2.4 vulnerabilities and exploits
(subscribe to this query)
755
VMScore
CVE-2008-2267
Incomplete blacklist vulnerability in javaUpload.php in Postlet in the FileManager module in CMS Made Simple 1.2.4 and previous versions allows remote malicious users to execute arbitrary code by uploading a file with a name ending in (1) .jsp, (2) .php3, (3) .cgi, (4) .dhtml, (5...
Cms Made Simple Cms Made Simple 1.2.4
1 EDB exploit
668
VMScore
CVE-2010-2797
Directory traversal vulnerability in lib/translation.functions.php in CMS Made Simple prior to 1.8.1 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the default_cms_lang parameter to an admin script, as demonstrated by admin/addboo...
Cmsmadesimple Cms Made Simple 1.0
Cmsmadesimple Cms Made Simple 1.6.3
Cmsmadesimple Cms Made Simple 1.6.5
Cmsmadesimple Cms Made Simple 1.5.1
Cmsmadesimple Cms Made Simple 1.5.3
Cmsmadesimple Cms Made Simple 1.2.1
Cmsmadesimple Cms Made Simple 1.1.1
Cmsmadesimple Cms Made Simple 1.0.3
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.2
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 1.2.2
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.5.4
Cmsmadesimple Cms Made Simple 1.6
Cmsmadesimple Cms Made Simple 1.6.1
Cmsmadesimple Cms Made Simple 1.6.2
Cmsmadesimple Cms Made Simple 1.0.8
Cmsmadesimple Cms Made Simple 1.0.7
Cmsmadesimple Cms Made Simple 1.0.6
Cmsmadesimple Cms Made Simple 1.0.4
Cmsmadesimple Cms Made Simple 1.0.5
383
VMScore
CVE-2010-1482
Cross-site scripting (XSS) vulnerability in admin/editprefs.php in the backend in CMS Made Simple (CMSMS) prior to 1.7.1 might allow remote malicious users to inject arbitrary web script or HTML via the date_format_string parameter.
Cmsmadesimple Cms Made Simple 1.2
Cmsmadesimple Cms Made Simple 1.1.2
Cmsmadesimple Cms Made Simple 0.10
Cmsmadesimple Cms Made Simple 1.6.7
Cmsmadesimple Cms Made Simple 1.6
Cmsmadesimple Cms Made Simple 1.5.3
Cmsmadesimple Cms Made Simple 1.2.5
Cmsmadesimple Cms Made Simple 1.2.3
Cmsmadesimple Cms Made Simple 1.0.7
Cmsmadesimple Cms Made Simple 1.0.4
Cmsmadesimple Cms Made Simple 0.11.1
Cmsmadesimple Cms Made Simple 0.10.4
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 1.0
Cmsmadesimple Cms Made Simple 0.11
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.3
Cmsmadesimple Cms Made Simple 1.6.5
Cmsmadesimple Cms Made Simple 1.6.4
Cmsmadesimple Cms Made Simple 1.6.3
Cmsmadesimple Cms Made Simple 1.6.2
Cmsmadesimple Cms Made Simple 1.6.1
265
VMScore
CVE-2016-2784
CMS Made Simple 2.x prior to 2.1.3 and 1.x prior to 1.12.2, when Smarty Cache is activated, allow remote malicious users to conduct cache poisoning attacks, modify links, and conduct cross-site scripting (XSS) attacks via a crafted HTTP Host header in a request.
Cmsmadesimple Cms Made Simple 2.1.1
Cmsmadesimple Cms Made Simple 2.1
Cmsmadesimple Cms Made Simple 1.11.11
Cmsmadesimple Cms Made Simple 1.11.10
Cmsmadesimple Cms Made Simple 1.11.3
Cmsmadesimple Cms Made Simple 1.11.2.1
Cmsmadesimple Cms Made Simple 1.10
Cmsmadesimple Cms Made Simple 1.9.4.3
Cmsmadesimple Cms Made Simple 1.9.4.2
Cmsmadesimple Cms Made Simple 1.6.10
Cmsmadesimple Cms Made Simple 1.6.9
Cmsmadesimple Cms Made Simple 1.6.7
Cmsmadesimple Cms Made Simple 1.6.6
Cmsmadesimple Cms Made Simple 1.5.3
Cmsmadesimple Cms Made Simple 1.5.2
Cmsmadesimple Cms Made Simple 1.2.5
Cmsmadesimple Cms Made Simple 1.2.4
Cmsmadesimple Cms Made Simple 1.1.2
Cmsmadesimple Cms Made Simple 1.1.1
Cmsmadesimple Cms Made Simple 1.0.2
Cmsmadesimple Cms Made Simple 1.0.1
Cmsmadesimple Cms Made Simple 1.12.1
1 EDB exploit
383
VMScore
CVE-2010-3882
Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1.7.1 and previous versions allow remote malicious users to inject arbitrary web script or HTML via input to the (1) Add Pages, (2) Add Global Content, (3) Edit Global Content, (4) Add Article, (5) Add Categor...
Cmsmadesimple Cms Made Simple 1.6.4
Cmsmadesimple Cms Made Simple 1.6.6
Cmsmadesimple Cms Made Simple 1.5.2
Cmsmadesimple Cms Made Simple 1.2.5
Cmsmadesimple Cms Made Simple 1.1.4.1
Cmsmadesimple Cms Made Simple 1.0.8
Cmsmadesimple Cms Made Simple 1.0.3
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.2
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 1.0.2
Cmsmadesimple Cms Made Simple 1.3
Cmsmadesimple Cms Made Simple 1.0
Cmsmadesimple Cms Made Simple 0.12.2
Cmsmadesimple Cms Made Simple 0.10.4
Cmsmadesimple Cms Made Simple 0.10.3
Cmsmadesimple Cms Made Simple 0.12
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.7
Cmsmadesimple Cms Made Simple 1.6.7
Cmsmadesimple Cms Made Simple 1.6.3
Cmsmadesimple Cms Made Simple 1.3.1
605
VMScore
CVE-2010-3883
Cross-site request forgery (CSRF) vulnerability in the Change Group Permissions module in CMS Made Simple 1.7.1 and previous versions allows remote malicious users to hijack the authentication of arbitrary users for requests that make permission modifications.
Cmsmadesimple Cms Made Simple 1.6.4
Cmsmadesimple Cms Made Simple 1.6.6
Cmsmadesimple Cms Made Simple 1.6
Cmsmadesimple Cms Made Simple 1.5.2
Cmsmadesimple Cms Made Simple 1.2.5
Cmsmadesimple Cms Made Simple 1.1.4.1
Cmsmadesimple Cms Made Simple 1.0.8
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.6.1
Cmsmadesimple Cms Made Simple 1.6.2
Cmsmadesimple Cms Made Simple 1.5
Cmsmadesimple Cms Made Simple 1.5.1
Cmsmadesimple Cms Made Simple 1.0.7
Cmsmadesimple Cms Made Simple 1.0.6
Cmsmadesimple Cms Made Simple 1.1.2
Cmsmadesimple Cms Made Simple 1.0.4
Cmsmadesimple Cms Made Simple 1.0.3
Cmsmadesimple Cms Made Simple 1.0
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 0.12.1
Cmsmadesimple Cms Made Simple 0.12
Cmsmadesimple Cms Made Simple 0.11.2
383
VMScore
CVE-2012-1992
Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and previous versions allows remote malicious users to inject arbitrary web script or HTML via the email parameter (aka the Email Address field in the Edit User template).
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.10.2
Cmsmadesimple Cms Made Simple 1.9.2
Cmsmadesimple Cms Made Simple 1.9
Cmsmadesimple Cms Made Simple 1.0
Cmsmadesimple Cms Made Simple 1.6.5
Cmsmadesimple Cms Made Simple 1.6.6
Cmsmadesimple Cms Made Simple 1.5.2
Cmsmadesimple Cms Made Simple 1.5.3
Cmsmadesimple Cms Made Simple 1.1.4.1
Cmsmadesimple Cms Made Simple 1.1.1
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.6.8
Cmsmadesimple Cms Made Simple 1.2
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 1.0.5
Cmsmadesimple Cms Made Simple 1.2.2
Cmsmadesimple Cms Made Simple 0.1
Cmsmadesimple Cms Made Simple 0.6
Cmsmadesimple Cms Made Simple 0.7.1
Cmsmadesimple Cms Made Simple 0.2.1
Cmsmadesimple Cms Made Simple 0.10.2
890
VMScore
CVE-2010-4663
Unspecified vulnerability in the News module in CMS Made Simple (CMSMS) prior to 1.9.1 has unknown impact and attack vectors.
Cmsmadesimple Cms Made Simple 1.8.2
Cmsmadesimple Cms Made Simple 1.8.1
Cmsmadesimple Cms Made Simple 1.8
Cmsmadesimple Cms Made Simple 1.7.1
Cmsmadesimple Cms Made Simple 1.5
Cmsmadesimple Cms Made Simple 1.4
Cmsmadesimple Cms Made Simple 1.3
Cmsmadesimple Cms Made Simple 1.2.5
Cmsmadesimple Cms Made Simple 0.12
Cmsmadesimple Cms Made Simple 0.11.2
Cmsmadesimple Cms Made Simple 0.11.1
Cmsmadesimple Cms Made Simple 0.11
Cmsmadesimple Cms Made Simple 1.0.5
Cmsmadesimple Cms Made Simple 1.0.2
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.6.7
Cmsmadesimple Cms Made Simple 1.6.5
Cmsmadesimple Cms Made Simple 1.5.3
Cmsmadesimple Cms Made Simple 1.5.1
Cmsmadesimple Cms Made Simple 1.2.4
Cmsmadesimple Cms Made Simple 1.2.1
312
VMScore
CVE-2012-6064
Directory traversal vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) prior to 1.11.2.1 allows remote authenticated administrators to delete arbitrary files via a .. (dot dot) in the deld parameter. NOTE: this can be leveraged using CSRF (CVE-201...
Cmsmadesimple Cms Made Simple 1.9.4
Cmsmadesimple Cms Made Simple 1.9.4.1
Cmsmadesimple Cms Made Simple 1.9
Cmsmadesimple Cms Made Simple 1.1.3.1
Cmsmadesimple Cms Made Simple 1.7
Cmsmadesimple Cms Made Simple 1.6
Cmsmadesimple Cms Made Simple 1.6.1
Cmsmadesimple Cms Made Simple 1.3
Cmsmadesimple Cms Made Simple 1.4
Cmsmadesimple Cms Made Simple 1.0.1
Cmsmadesimple Cms Made Simple 1.4.1
Cmsmadesimple Cms Made Simple 1.2
Cmsmadesimple Cms Made Simple 0.6.1
Cmsmadesimple Cms Made Simple 0.7
Cmsmadesimple Cms Made Simple 0.4
Cmsmadesimple Cms Made Simple 0.3.2
Cmsmadesimple Cms Made Simple 0.8.1
Cmsmadesimple Cms Made Simple 0.8.2
Cmsmadesimple Cms Made Simple 0.12
Cmsmadesimple Cms Made Simple 0.11.2
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.9.2
605
VMScore
CVE-2012-5450
Cross-site request forgery (CSRF) vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) 1.11.2 and previous versions allows remote malicious users to hijack the authentication of administrators for requests that delete arbitrary files via the deld pa...
Cmsmadesimple Cms Made Simple 1.9.3
Cmsmadesimple Cms Made Simple 1.9.4
Cmsmadesimple Cms Made Simple 1.8.2
Cmsmadesimple Cms Made Simple 1.9
Cmsmadesimple Cms Made Simple 1.6.6
Cmsmadesimple Cms Made Simple 1.5.4
Cmsmadesimple Cms Made Simple
Cmsmadesimple Cms Made Simple 1.9.1
Cmsmadesimple Cms Made Simple 1.1.3
Cmsmadesimple Cms Made Simple 1.6.7
Cmsmadesimple Cms Made Simple 1.6.3
Cmsmadesimple Cms Made Simple 1.5
Cmsmadesimple Cms Made Simple 1.5.1
Cmsmadesimple Cms Made Simple 1.2.3
Cmsmadesimple Cms Made Simple 1.2.1
Cmsmadesimple Cms Made Simple 1.7.1
Cmsmadesimple Cms Made Simple 1.8.1
Cmsmadesimple Cms Made Simple 1.1
Cmsmadesimple Cms Made Simple 0.1
Cmsmadesimple Cms Made Simple 0.7.2
Cmsmadesimple Cms Made Simple 0.7.1
Cmsmadesimple Cms Made Simple 0.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started