CVE-2020-23839

A Reflected Cross-Site Scripting XSS vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the logi...

Cross site scripting

A Reflected Cross-Site Scripting XSS vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the logi...

CVE-2020-23839

A Reflected Cross-Site Scripting XSS vulnerability in GetSimple CMS v3.3.16, in the admin/index.php login portal webpage, allows remote attackers to execute JavaScript code in the client's browser and harvest login credentials after a client clicks a link, enters credentials, and submits the logi...

CVE-2020-23839

CVE-2020-23839 affects GetSimple CMS v3.3.16, specifically the admin/index.php login portal. The issue is a reflected XSS caused by improper input validation, enabling an attacker to cause JavaScript execution in an admin user’s browser and potentially harvest credentials after interacting with a...

PT-2020-15596 · Getsimple · Getsimple Cms

Name of the Vulnerable Software and Affected Versions: GetSimple CMS version 3.3.16 Description: A Reflected Cross-Site Scripting issue allows remote attackers to execute JavaScript code in the client's browser and potentially harvest login credentials after a client clicks a link, enters...

GetSimple CMS Plugin Multi User 1.8.2 - Cross-Site Request Forgery (Add Admin)

Exploit Title: GetSimple CMS Plugin Multi User v1.8.2 - Cross-Site Request Forgery Add Admin Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Date: August 2020-08-12 Vendor Homepage: http://get-simple.info/extend/plugin/multi-user/133/ Software Link:...

GetSimple CMS Plugin Multi User 1.8.2 - Cross-Site Request Forgery (Add Admin) Vulneraility

Exploit for php platform in category web applications Exploit Title: GetSimple CMS Plugin Multi User v1.8.2 - Cross-Site Request Forgery Add Admin Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Vendor Homepage: http://get-simple.info/extend/plugin/multi-user/133/ Software Link:...

GetSimple CMS Multi User 1.8.2 Cross Site Request Forgery

Exploit Title: GetSimple CMS Plugin Multi User v1.8.2 - Cross-Site Request Forgery Delete Admin/User Exploit Author: Bobby Cooke boku & Adeeb Shah @hyd3sec Date: August 12, 2020 Vendor Homepage: http://get-simple.info/extend/plugin/multi-user/133/ Software Link:...

CVE-2013-1420

Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to backup-edit.php; 2 title or 3 menu parameter to edit.php; or 4 path or 5 returnid parameter to filebrowser.php in admin/. NOTE: t...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to backup-edit.php; 2 title or 3 menu parameter to edit.php; or 4 path or 5 returnid parameter to filebrowser.php in admin/. NOTE: t...

CVE-2013-1420

GetSimple CMS before 3.2.1 has multiple XSS weaknesses allowing remote injection of script/HTML via: (1) id in backup-edit.php; (2) title or (3) menu in edit.php; or (4) path or (5) returnid in filebrowser.php under admin/. Note: path in admin/upload.php is covered by CVE-2012-6621. No public det...

CVE-2013-1420

Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to backup-edit.php; 2 title or 3 menu parameter to edit.php; or 4 path or 5 returnid parameter to filebrowser.php in admin/. NOTE: t...

Code execution vulnerability in GetSimple CMS

GetSimple is a very simple and easy to install and customize content management system . It uses XML to store data and requires no MySQL support. A code execution vulnerability exists in GetSimple CMS, which can be exploited by an attacker to gain administrator privileges and execute arbitrary co...

CVE-2019-16333

GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting XSS in admin/theme-edit.php...

CVE-2019-16333

GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting XSS in admin/theme-edit.php...

Cross site scripting

GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting XSS in admin/theme-edit.php...

CVE-2019-16333

GetSimple CMS v3.3.15 is affected by a persistent Cross-Site Scripting (XSS) vulnerability in admin/theme-edit.php. The CVE description and connected sources (NVD/NVD mirrors, OpenVAS entry, and related advisories) consistently identify GetSimple CMS 3.3.15 as vulnerable to XSS in that admin page...

CVE-2019-16333

GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting XSS in admin/theme-edit.php...

GetSimple CMS <= 3.3.16 RCE Vulnerability

GetSimple CMS is prone to a remote code execution RCE vulnerability. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free...

GetSimple CMS < 3.3.16 Multiple Vulnerabilities

GetSimple CMS is prone to multiple vulnerabilities. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...