462 matches found
Cagintranet GetSimple CMS Cross-Site Request Forgery Vulnerability
Cagintranet GetSimple CMS is an XML-based content management system CMS from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. A cross-site request forgery vulnerability exists in Cagintranet GetSimple CMS version...
CVE-2018-17103
An issue was discovered in GetSimple CMS v3.3.13. There is a CSRF vulnerability that can change the administrator's password via admin/settings.php. NOTE: The vendor reported that the PoC was sending a value for the nonce parameter...
CVE-2018-17103
An issue was discovered in GetSimple CMS v3.3.13. There is a CSRF vulnerability that can change the administrator's password via admin/settings.php. NOTE: The vendor reported that the PoC was sending a value for the nonce parameter...
Design/Logic Flaw
DISPUTED An issue was discovered in GetSimple CMS v3.3.13. There is a CSRF vulnerability that can change the administrator's password via admin/settings.php. NOTE: The vendor reported that the PoC was sending a value for the nonce parameter...
CVE-2018-17103
An issue was discovered in GetSimple CMS v3.3.13. There is a CSRF vulnerability that can change the administrator's password via admin/settings.php. NOTE: The vendor reported that the PoC was sending a value for the nonce parameter...
CVE-2018-17103
GetSimple CMS v3.3.13 is affected by a CSRF vulnerability that can change the administrator password via admin/settings.php. The issue is evidenced in multiple sources (NVD/CVE-2018-17103, CNVD-2018-19747, OSV, CVE records). The root cause is a CSRF flaw possibly related to nonce handling, enabli...
PT-2018-13897 · Getsimple · Getsimple Cms
Name of the Vulnerable Software and Affected Versions: GetSimple CMS version 3.3.13 Description: An issue was discovered that allows for a CSRF vulnerability, which can change the administrator's password via the "admin/settings.php" endpoint. The vendor reported that the proof of concept was...
Cagintranet GetSimple CMS Cross-Site Scripting Vulnerability
Cagintranet GetSimple CMS is an XML-based content management system CMS from Cagintranet Networks, USA. The system includes a theme selector and editor, component editor, image and file managers, and more. A cross-site scripting vulnerability exists in the admin/edit.php page in Cagintranet...
Cross site scripting
There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field...
CVE-2018-16325
There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field...
CVE-2018-16325
There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field...
CVE-2018-16325
GetSimple CMS 3.4.0.9 is affected by Stored/ reflected XSS via the admin/edit.php title field (CVE-2018-16325). The available connected documents confirm XSS in the title input, but do not provide exploitation details or a patch/mitigation entry. No explicit root-cause or vulnerable vector beyond...
CVE-2018-16325
There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field...
Design/Logic Flaw
GetSimple CMS 3.3.14 has XSS via the admin/edit.php "Add New Page" field...
CVE-2018-15843
GetSimple CMS 3.3.14 has XSS via the admin/edit.php "Add New Page" field...
CVE-2018-15843
GetSimple CMS 3.3.14 has XSS via the admin/edit.php "Add New Page" field...
CVE-2018-15843
GetSimple CMS 3.3.14 is vulnerable to Cross-Site Scripting (XSS) through the admin/edit.php “Add New Page” field. The CNVD entry attributes the issue to inadequate filtering of the Add New Page input in GetSimple CMS 3.3.14, enabling a remote attacker to inject arbitrary web script or HTML. The C...
CVE-2018-15843
GetSimple CMS 3.3.14 has XSS via the admin/edit.php "Add New Page" field...
GetSimple CMS 3.3.13 Cross Site Scripting
Exploit Title: GetSimple CMS 3.3.13 - Cross Site Scripting Vulnerability Google Dork: N/A Date: 03-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://get-simple.info/ Software Link: http://get-simple.info/download/ Affected Version: 3.3.13...
GetSimple CMS 3.3.13 - Cross-Site Scripting
GetSimple CMS 3.3.13 - Cross-Site Scripting Exploit Title: GetSimple CMS 3.3.13 - Cross Site Scripting Vulnerability Google Dork: N/A Date: 03-04-2018 Exploit Author: Sureshbabu Narvaneni Author Blog : http://nullnews.in Vendor Homepage: http://get-simple.info/ Software Link:...