CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

CMS Made Simple 2.2.15 contains a stored cross-site scripting vulnerability that allows authenticated users with Content Manager access to inject malicious scripts through SVG file uploads. Attackers can upload SVG files containing embedded JavaScript to the file manager, which executes when othe...

6.4CVSS0.00034EPSS

Exploits0References4

Vulnrichment•added 2026/05/16 3:25 p.m.•5 views

CVE-2020-37238 CMS Made Simple 2.2.15 Stored XSS via SVG File Upload

6.4CVSS5.6AI score0.00034EPSS

Exploits0References4

CVE•added 2026/05/16 3:25 p.m.•6 views

CVE-2020-37238

CVE-2020-37238 affects CMS Made Simple 2.2.15. The vulnerability is a stored cross-site scripting (XSS) flaw in the file manager: authenticated Content Manager users can upload SVG files containing embedded JavaScript, which executes when other authenticated users view the uploaded file, enabling...

6.4CVSS5.6AI score0.00034EPSS

Exploits0References4

CNNVD•added 2026/05/16 12:0 a.m.•5 views

CMS Made Simple 跨站脚本漏洞

CMS Made Simple CMSMS is an open-source content management system developed by the Cmsms team. This system supports role-based permission management systems, wizard-based installation and update mechanisms, and intelligent caching features. Version 2.2.15 of CMS Made Simple contains a cross-site...

6.4CVSS5.6AI score0.00034EPSS

Exploits0References1

GithubExploit•added 2026/05/13 4:17 a.m.•71 views

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

SimpleCTF-THM-Relatory First CTF successfully completed! This...

8.1CVSS5.9AI score0.92556EPSS

Exploits35

GithubExploit•added 2026/04/25 11:44 p.m.•81 views

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

-CVE-201...

8.1CVSS7.7AI score0.92556EPSS

Exploits35

GithubExploit•added 2026/04/17 8:37 p.m.•67 views

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

C...

8.1CVSS7.3AI score0.92556EPSS

Exploits35

RedhatCVE•added 2026/04/01 5:39 p.m.•2 views

CVE-2026-5203

A vulnerability was found in CMS Made Simple up to 2.2.22. This impacts the function copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserGuide Module XML Import. The manipulation results in path traversal. It is possible to launch the...

5.8CVSS5.5AI score0.00076EPSS

Exploits1References1

NVD•added 2026/03/31 4:16 p.m.•2 views

CVE-2026-5203

5.8CVSS0.00076EPSS

Exploits1References4

Cvelist•added 2026/03/31 3:45 p.m.•22 views

CVE-2026-5203 CMS Made Simple UserGuide Module XML Import class.UserGuideImporterExporter.php _copyFilesToFolder path traversal

5.8CVSS0.00076EPSS

Exploits1References4

CVE•added 2026/03/31 3:45 p.m.•3 views

CVE-2026-5203

CMS Made Simple

5.8CVSS5.5AI score0.00076EPSS

Exploits1References4

CNNVD•added 2026/03/31 12:0 a.m.•2 views

CMS Made Simple（CMSMS）路径遍历漏洞

CMS Made Simple CMSMS is an open-source content management system developed by the Cmsms team. This system supports role-based permission management, wizard-based installation and update mechanisms, and intelligent caching features. Version 2.2.22 and earlier of CMS Made Simple contained a path...

5.8CVSS5.8AI score0.00076EPSS

Exploits1References4

Positive Technologies•added 2026/03/31 12:0 a.m.•0 views

PT-2026-29288

5.8CVSS5.5AI score0.00076EPSS

Exploits1References5

RedhatCVE•added 2026/03/26 3:15 p.m.•2 views

CVE-2026-4225

A security flaw has been discovered in CMS Made Simple up to 2.2.21. Impacted is an unknown function of the file admin/listusers.php of the component User Management Module. Performing a manipulation of the argument Message results in cross site scripting. The attack is possible to be carried out...

4.8CVSS4AI score0.00038EPSS

Exploits0References1

Vulnrichment•added 2026/03/16 7:32 a.m.•1 views

CVE-2026-4225 CMS Made Simple User Management listusers.php cross site scripting

4.8CVSS4AI score0.00038EPSS

Exploits0References4