Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
getsimple cms vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2023-51246
A Cross Site Scripting (XSS) vulnerability in GetSimple CMS 3.3.16 exists when using Source Code Mode as a backend user to add articles via the /admin/edit.php page.
Get-simple Getsimplecms 3.3.16
9.8
CVSSv3
CVE-2022-41544
GetSimple CMS v3.3.16 exists to contain a remote code execution (RCE) vulnerability via the edited_file parameter in admin/theme-edit.php.
Get-simple Getsimple Cms 3.3.16
1 Github repository
5.4
CVSSv3
CVE-2022-1503
A vulnerability, which was classified as problematic, has been found in GetSimple CMS. Affected by this issue is the file /admin/edit.php of the Content Module. The manipulation of the argument post-content with an input like <script>alert(1)</script> leads to cross s...
Get-simple Getsimple Cms -
6.5
CVSSv3
CVE-2021-29400
A cross-site request forgery (CSRF) vulnerability in the My SMTP Contact v1.1.1 plugin for GetSimple CMS allows remote malicious users to change the SMTP settings of the contact forms for the webpages of the CMS after an authenticated admin visits a malicious third-party site.
Netexplorer My Smtp Contact 1.1.1
5.4
CVSSv3
CVE-2020-21353
A stored cross site scripting (XSS) vulnerability in /admin/snippets.php of GetSimple CMS 3.4.0a allows malicious users to execute arbitrary web scripts or HTML via crafted payload in the Edit Snippets module.
Get-simple Getsimplecms 3.4.0a
5.4
CVSSv3
CVE-2020-24861
GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings page persistent Cross Site Scripting which is executed when you create and open a new page
Get-simple Getsimple Cms 3.3.16
8.8
CVSSv3
CVE-2020-23837
A Cross-Site Request Forgery (CSRF) vulnerability in the Multi User plugin 1.8.2 for GetSimple CMS allows remote malicious users to add admin (or other) users after an authenticated admin visits a third-party site or clicks on a URL.
Multi User Project Multi User 1.8.2
6.1
CVSSv3
CVE-2020-23839
A Reflected Cross-Site Scripting (XSS) vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote malicious users to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters cre...
Get-simple Getsimple Cms 3.3.16
1 Github repository
6.1
CVSSv3
CVE-2013-1420
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS prior to 3.2.1 allow remote malicious users to inject arbitrary web script or HTML via the (1) id parameter to backup-edit.php; (2) title or (3) menu parameter to edit.php; or (4) path or (5) returnid parameter ...
Get-simple Getsimple Cms
5.4
CVSSv3
CVE-2019-16333
GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting (XSS) in admin/theme-edit.php.
Get-simple Getsimple Cms 3.3.15
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »