Lucene search
+L

GetSimple CMS 3.1 admin/upload.php path Parameter XSS

🗓️ 12 May 2012 00:00:00Reported by Chokri Ben AchorType 
exploitdb
 exploitdb
🔗 www.exploit-db.com👁 44 Views

GetSimple CMS 3.1 admin/upload.php XSS vulnerabilit

Related
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2012-6621
3 Jan 202000:37
circl
CVE
CVE-2012-6621
16 Jan 201421:00
cve
Cvelist
CVE-2012-6621
16 Jan 201421:00
cvelist
Exploit DB
GetSimple CMS 3.1 admin/theme.php err Parameter Reflected XSS
12 May 201200:00
exploitdb
Exploit DB
GetSimple CMS 3.1 admin/pages.php error Parameter Reflected XSS
12 May 201200:00
exploitdb
Exploit DB
GetSimple CMS 3.1 admin/index.php Multiple Parameter Reflected XSS
12 May 201200:00
exploitdb
EUVD
EUVD-2012-6467
7 Oct 202500:30
euvd
NVD
CVE-2012-6621
16 Jan 201421:55
nvd
OpenVAS
GetSimple CMS 3.1.x / 3.2.x Multiple Vulnerabilities
21 Jan 201400:00
openvas
Prion
Cross site scripting
16 Jan 201421:55
prion
Rows per page
source: http://www.securityfocus.com/bid/53501/info
   
GetSimple CMS is prone to HTML-injection and cross-site scripting vulnerabilities because it fails to properly sanitize user-supplied input before using it in dynamically generated content.
   
Successful exploits will allow attacker-supplied HTML and script code to run in the context of the affected browser, potentially allowing the attacker to steal cookie-based authentication credentials or to control how the site is rendered to the user. Other attacks are also possible.
   
GetSimple CMS 3.1 is vulnerable; other versions may also be affected. 

http://www.example.com/getsimple/admin/upload.php?path=%3E%22%3Ciframe%20src=http://www.vulnerability-lab.com%20width=800%20height=800%3E&newfolder=rem0ve 

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

12 May 2012 00:00Current
6.3Medium risk
Vulners AI Score6.3
CVSS 24.3
EPSS0.01432
44