Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

462 matches found

Prion
Prionadded 2019/05/22 6:29 p.m.18 views

Path traversal

An issue was discovered in GetSimple CMS through 3.3.15. insufficient input sanitation in the theme-edit.php file allows upload of files with arbitrary content PHP code, for example. This vulnerability is triggered by an authenticated user; however, authentication can be bypassed. According to th...

5CVSS9.5AI score0.71598EPSS
Exploits5References2Affected Software1
OSV
OSVadded 2019/05/22 6:29 p.m.17 views

CVE-2019-11231

An issue was discovered in GetSimple CMS through 3.3.15. insufficient input sanitation in the theme-edit.php file allows upload of files with arbitrary content PHP code, for example. This vulnerability is triggered by an authenticated user; however, authentication can be bypassed. According to th...

9.8CVSS7.1AI score
Exploits0References2
NVD
NVDadded 2019/05/22 6:29 p.m.28 views

CVE-2019-11231

An issue was discovered in GetSimple CMS through 3.3.15. insufficient input sanitation in the theme-edit.php file allows upload of files with arbitrary content PHP code, for example. This vulnerability is triggered by an authenticated user; however, authentication can be bypassed. According to th...

9.8CVSS9.6AI score0.71598EPSS
Exploits5References2
Cvelist
Cvelistadded 2019/05/22 5:5 p.m.34 views

CVE-2019-11231

An issue was discovered in GetSimple CMS through 3.3.15. insufficient input sanitation in the theme-edit.php file allows upload of files with arbitrary content PHP code, for example. This vulnerability is triggered by an authenticated user; however, authentication can be bypassed. According to th...

9.7AI score0.71598EPSS
Exploits5References2
CVE
CVEadded 2019/05/22 5:5 p.m.145 views

CVE-2019-11231

GetSimple CMS

9.8CVSS9.6AI score0.71598EPSS
Exploits5References2Affected Software1
CNVD
CNVDadded 2019/05/16 12:0 a.m.3 views

GetSimple CMS Remote Code Execution Vulnerability

GetSimple CMS is a content management system CMS written in PHP. A remote code execution vulnerability exists in GetSimple CMS version 3.3.15 and earlier. A remote attacker can exploit this vulnerability to execute arbitrary PHP code on an affected system...

9.8CVSS8.5AI score0.71598EPSS
Exploits5References1
CNVD
CNVDadded 2019/03/22 12:0 a.m.4 views

GetSimple CMS Open Redirect Vulnerability

GetSimple CMS is an XML-based, completely self-contained, streamlined content management system. An open redirect vulnerability exists in GetSimple CMS 3.3.13. An attacker can exploit this vulnerability via the admin/index.php redirect parameter to conduct redirection attacks...

6.1CVSS6.9AI score0.03626EPSS
Exploits0References1
CNVD
CNVDadded 2019/01/03 12:0 a.m.2 views

Cagintranet Networks GetSimple CMS Cross-Site Scripting Vulnerability (CNVD-2019-00386)

Cagintranet Networks GetSimple CMS is an XML-based content management system CMS from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. A cross-site scripting vulnerability exists in Cagintranet Networks GetSimple CMS...

5.4CVSS6.3AI score0.0057EPSS
Exploits1References1
Prion
Prionadded 2018/12/31 3:29 p.m.19 views

Cross site scripting

There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325...

3.5CVSS5.6AI score0.00797EPSS
Exploits2References1Affected Software1
OSV
OSVadded 2018/12/31 3:29 p.m.17 views

CVE-2018-19845

There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325...

5.4CVSS5.8AI score0.0057EPSS
Exploits1References1
NVD
NVDadded 2018/12/31 3:29 p.m.16 views

CVE-2018-19845

There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325...

5.4CVSS5.6AI score0.0057EPSS
Exploits1References1
CVE
CVEadded 2018/12/31 3:0 p.m.42 views

CVE-2018-19845

CVE-2018-19845 is a stored XSS in GetSimple CMS. Multiple connected documents confirm the vulnerability in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter (and related CVE-2018-16325). CNVD/OSV/ CNVD entries also reference GetSimple CMS 3.4.0.9 and the admin/edit.php title field...

5.4CVSS5.5AI score0.0057EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2018/12/31 3:0 p.m.18 views

CVE-2018-19845

There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325...

5.4AI score0.0057EPSS
Exploits1References1
CNVD
CNVDadded 2018/11/22 12:0 a.m.5 views

GetSimple CMS HTML File Execution Vulnerability

Cagintranet GetSimple CMS is an XML-based content management system CMS from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. A security vulnerability exists in Cagintranet GetSimple CMS version 3.3.15. An attacker ca...

4CVSS5.1AI score0.00777EPSS
Exploits1References1
CNVD
CNVDadded 2018/11/22 12:0 a.m.2 views

GetSimple CMS HTML File Execution Vulnerability (CNVD-2019-00329)

Cagintranet GetSimple CMS is an XML-based content management system CMS from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. A security vulnerability exists in Cagintranet GetSimple CMS version 3.3.15. An attacker ca...

4CVSS5.1AI score0.00777EPSS
Exploits1References1
NVD
NVDadded 2018/10/01 8:29 a.m.15 views

CVE-2018-17835

An issue was discovered in GetSimple CMS 3.3.15. An administrator can insert stored XSS via the admin/settings.php Custom Permalink Structure parameter, which injects the XSS payload into any page created at the admin/pages.php URI...

4.8CVSS4.8AI score0.0067EPSS
Exploits1References1
OSV
OSVadded 2018/10/01 8:29 a.m.11 views

CVE-2018-17835

An issue was discovered in GetSimple CMS 3.3.15. An administrator can insert stored XSS via the admin/settings.php Custom Permalink Structure parameter, which injects the XSS payload into any page created at the admin/pages.php URI...

4.8CVSS5.5AI score
Exploits0References1
Prion
Prionadded 2018/10/01 8:29 a.m.10 views

Cross site scripting

An issue was discovered in GetSimple CMS 3.3.15. An administrator can insert stored XSS via the admin/settings.php Custom Permalink Structure parameter, which injects the XSS payload into any page created at the admin/pages.php URI...

3.5CVSS4.7AI score0.0067EPSS
Exploits1References1Affected Software1
Cvelist
Cvelistadded 2018/10/01 8:0 a.m.18 views

CVE-2018-17835

An issue was discovered in GetSimple CMS 3.3.15. An administrator can insert stored XSS via the admin/settings.php Custom Permalink Structure parameter, which injects the XSS payload into any page created at the admin/pages.php URI...

4.9AI score0.0067EPSS
Exploits1References1
CVE
CVEadded 2018/10/01 8:0 a.m.47 views

CVE-2018-17835

GetSimple CMS 3.3.15 is affected by CVE-2018-17835. The issue is a stored XSS: an administrator can inject malicious payload via the admin/settings.php Custom Permalink Structure parameter, which then contaminates any page created at the admin/pages.php URI. The vulnerability is rooted in imprope...

4.8CVSS4.7AI score0.0067EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder