5 matches found
Cross site scripting
XSS exists in CMS Made Simple version 2.2.7 via the m1newsurl parameter in an admin/moduleinterface.php "Content--News--Add Article" action...
CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2017-04711)
CMS Made Simple CMSMS is an open source content management system CMS developed by the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A cross-site scripting vulnerability exists in the...
CVE-2017-7257
XSS exists in the CMS Made Simple CMSMS 2.1.6 "Content--News--Add Article" feature via the m1content parameter. Someone must login to conduct the attack...
Cross site scripting
XSS exists in the CMS Made Simple CMSMS 2.1.6 "Content--News--Add Article" feature via the m1content parameter. Someone must login to conduct the attack...
PT-2017-17614 · Cms Made Simple · Cms Made Simple
Name of the Vulnerable Software and Affected Versions: CMS Made Simple versions 2.1.6 Description: A security issue exists in the "Content--News--Add Article" feature of the software, where an attacker can exploit the m1 title parameter to conduct a cross-site scripting XSS attack. This attack...