XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 up to and including 3.3.x prior to 3.3.5 Beta 1, when in certain configurations, allows remote malicious users to read arbitrary files via the data parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
get-simple getsimple cms 3.3.2 |
||
get-simple getsimple cms 3.2 |
||
cagintranetworks getsimple cms 3.3.3 |
||
cagintranetworks getsimple cms 3.3.4 |
||
get-simple getsimple cms 3.1.1 |
||
get-simple getsimple cms 3.1.2 |
||
get-simple getsimple cms 3.2.1 |
||
get-simple getsimple cms 3.2.2 |
||
get-simple getsimple cms 3.3.0 |
||
get-simple getsimple cms 3.2.3 |
||
get-simple getsimple cms 3.3.1 |