2 matches found
CVE-2021-47860
GetSimple CMS Custom JS 0.1 plugin contains a cross-site request forgery vulnerability that allows unauthenticated attackers to inject arbitrary client-side code into administrator browsers. Attackers can craft a malicious website that triggers a cross-site scripting payload to execute remote cod...
Code execution vulnerability in GetSimple CMS
GetSimple is a very simple and easy to install and customize content management system . It uses XML to store data and requires no MySQL support. A code execution vulnerability exists in GetSimple CMS, which can be exploited by an attacker to gain administrator privileges and execute arbitrary co...