Lucene search
+L

CMS Made Simple <= 2.2.15 Multiple Vulnerabilities

🗓️ 24 Mar 2020 00:00:00Reported by Copyright (C) 2020 Greenbone AGType 
openvas
 openvas
🔗 plugins.openvas.org👁 70 Views

CMS Made Simple <= 2.2.15 Multiple Vulnerabilitie

Related
Refs
Code
ReporterTitlePublishedViews
Family
Circl
CVE-2020-10682
5 Jun 202115:44
circl
CNVD
CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2020-21240)
20 Mar 202000:00
cnvd
CNVD
CMS Made Simple Filemanager Remote Code Execution Vulnerability
20 Mar 202000:00
cnvd
CVE
CVE-2020-10681
20 Mar 202003:39
cve
CVE
CVE-2020-10682
20 Mar 202003:39
cve
Cvelist
CVE-2020-10681
20 Mar 202003:39
cvelist
Cvelist
CVE-2020-10682
20 Mar 202003:39
cvelist
EUVD
EUVD-2020-3121
7 Oct 202500:30
euvd
EUVD
EUVD-2020-3122
7 Oct 202500:30
euvd
NVD
CVE-2020-10681
20 Mar 202004:15
nvd
Rows per page
# SPDX-FileCopyrightText: 2020 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only

if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.113655");
  script_version("2025-01-21T05:37:33+0000");
  script_tag(name:"last_modification", value:"2025-01-21 05:37:33 +0000 (Tue, 21 Jan 2025)");
  script_tag(name:"creation_date", value:"2020-03-24 09:36:57 +0000 (Tue, 24 Mar 2020)");
  script_tag(name:"cvss_base", value:"6.8");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_tag(name:"severity_vector", value:"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
  script_tag(name:"severity_origin", value:"NVD");
  script_tag(name:"severity_date", value:"2020-03-24 18:42:00 +0000 (Tue, 24 Mar 2020)");

  script_tag(name:"qod_type", value:"remote_banner");

  script_tag(name:"solution_type", value:"WillNotFix");

  script_cve_id("CVE-2020-10681", "CVE-2020-10682");

  script_name("CMS Made Simple <= 2.2.15 Multiple Vulnerabilities");

  script_category(ACT_GATHER_INFO);

  script_copyright("Copyright (C) 2020 Greenbone AG");
  script_family("Web application abuses");
  script_dependencies("gb_cms_made_simple_http_detect.nasl");
  script_mandatory_keys("cmsmadesimple/detected");

  script_tag(name:"summary", value:"CMS Made Simple is prone to multiple vulnerabilities.");

  script_tag(name:"vuldetect", value:"Checks if a vulnerable version is present on the target host.");

  script_tag(name:"insight", value:"The following vulnerabilities exist:

  - CVE-2020-10681: Stored XSS vulnerability by sending a crafted .pxd file via the m1_files[]
  parameter to admin/moduleinterface.php

  - CVE-2020-10682: Remote Code Execution vulnerability by sending a crafted .php.jpegd JPEG file via
  the m1_files[] parameter to admin/moduleinterface.php");

  script_tag(name:"impact", value:"Successful exploitation would allow an attacker to inject arbitrary
  HTML or JavaScript into the site or execute arbitrary commands on the target machine.");

  script_tag(name:"affected", value:"CMS Made Simple through version 2.2.15.");

  script_tag(name:"solution", value:"No known solution was made available for at least one year since
  the disclosure of this vulnerability. Likely none will be provided anymore. General solution options
  are to upgrade to a newer release, disable respective features, remove the product or replace the
  product by another one.");

  script_xref(name:"URL", value:"http://dev.cmsmadesimple.org/bug/view/12274");
  script_xref(name:"URL", value:"http://dev.cmsmadesimple.org/bug/view/12275");

  exit(0);
}

CPE = "cpe:/a:cmsmadesimple:cms_made_simple";

include( "host_details.inc" );
include( "version_func.inc" );

if( ! port = get_app_port( cpe: CPE ) )
  exit( 0 );

if( ! infos = get_app_version_and_location( cpe: CPE, port: port, exit_no_version: TRUE ) )
  exit( 0 );

version = infos["version"];
location = infos["location"];

if( version_is_less_equal( version: version, test_version: "2.2.15" ) ) {
  report = report_fixed_ver( installed_version: version, fixed_version: "None", install_path: location );
  security_message( data: report, port: port );
  exit( 0 );
}

exit( 99 );

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

21 Jan 2025 00:00Current
6.2Medium risk
Vulners AI Score6.2
CVSS 26.8
CVSS 3.17.8
EPSS0.01915
70