GetSimple CMS 2.01 and 2.02 Administrative Credentials Disclosure

Exploit for php platform in category web applications ================================================================= GetSimple CMS 2.01 and 2.02 Administrative Credentials Disclosure ================================================================= Researcher: Michael Brooks Affecting: GetSimp...

Getsimple CMS 2.01 2.02 - Administrative Credentials Disclosure

Getsimple CMS 2.01 2.02 - Administrative Credentials Disclosure Researcher: Michael Brooks Affecting: GetSimple CMS 2.01 and 2.02 Fixed:2.03 Vulnerability: Administrative Credentials Disclosure Vendor's Homepage: http://code.google.com/p/get-simple-cms download url for 2.01:...

GetSimple CMS 2.01 / 2.02 Credential Disclosure

Researcher: Michael Brooks Affecting: GetSimple CMS 2.01 and 2.02 Fixed:2.03 Vulnerability: Administrative Credentials Disclosure Vendor's Homepage: http://code.google.com/p/get-simple-cms download url for 2.01: http://www.box.net/get-simple/1/30435008/399754548 download svn for 2.02beta: svn...

Getsimple CMS 2.01 < 2.02 - Administrative Credentials Disclosure

Researcher: Michael Brooks Affecting: GetSimple CMS 2.01 and 2.02 Fixed:2.03 Vulnerability: Administrative Credentials Disclosure Vendor's Homepage: http://code.google.com/p/get-simple-cms download url for 2.01: http://www.box.net/get-simple/1/30435008/399754548 download svn for 2.02beta: svn...

GetSimple CMS 2.01 Cross Site Scripting

Vulnerability ID: HTB22609 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityingetsimplecms1.html Product: GetSimple CMS Vendor: Cagintranet Networks http://get-simple.info/ Vulnerable Version: 2.01 and Probably Prior Versions Vendor Notification: 15 September 2010 Vulnerability Type:...

Getsimple CMS 2.01 - changedata.php Cross-Site Scripting

Getsimple CMS 2.01 - changedata.php Cross-Site Scripting source: https://www.securityfocus.com/bid/43593/info GetSimple CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scri...

XSS vulnerability in GetSimple CMS

Vulnerability ID: HTB22609 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityingetsimplecms1.html Product: GetSimple CMS Vendor: Cagintranet Networks http://get-simple.info/ Vulnerable Version: 2.01 and Probably Prior Versions Vendor Notification: 15 September 2010 Vulnerability Type:...

Getsimple CMS 2.01 - 'changedata.php' Cross-Site Scripting

source: https://www.securityfocus.com/bid/43593/info GetSimple CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

GetSimple CMS < 2.03 Multiple Vulnerabilities

GetSimple CMS is prone to multiple vulnerabilities. Copyright C 2010 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

GetSimple CMS 2.01 Cross Site Request Forgery / Cross Site Scripting

Date: Mon 12 Jul 2010 12:11:45 PM EEST Vendor: http://get-simple.info/ Download: http://www.box.net/get-simple --- -= CSRF PoC 1 - Change Admin Password =- GetSimple CMS 2.01 Multiple Vulnerabilities XSS/CSRF - Change Admin Password -= CSRF PoC 2 - Delete Page =- -= CSRF PoC 3 - Delete All Backup...

GetSimple CMS v2.01 (XSS/CSRF) Vulnerabilities

Exploit for php platform in category web applications ============================================== GetSimple CMS v2.01 XSS/CSRF Vulnerabilities ============================================== Date: Mon 12 Jul 2010 12:11:45 PM EEST Vendor: http://get-simple.info/ Download:...

Getsimple CMS 2.01 - Multiple Vulnerabilities

Getsimple CMS 2.01 - Multiple Vulnerabilities Date: Mon 12 Jul 2010 12:11:45 PM EEST Vendor: http://get-simple.info/ Download: http://www.box.net/get-simple --- -= CSRF PoC 1 - Change Admin Password =- GetSimple CMS 2.01 Multiple Vulnerabilities XSS/CSRF - Change Admin Password -= CSRF PoC 2 -...

Getsimple CMS 2.01 - Multiple Vulnerabilities

Date: Mon 12 Jul 2010 12:11:45 PM EEST Vendor: http://get-simple.info/ Download: http://www.box.net/get-simple --- -= CSRF PoC 1 - Change Admin Password =- GetSimple CMS 2.01 Multiple Vulnerabilities XSS/CSRF - Change Admin Password -= CSRF PoC 2 - Delete Page =- -= CSRF PoC 3 - Delete All Backup...

XSS vulnerability in GetSimple CMS

Vulnerability ID: HTB22375 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityingetsimplecms.html Product: GetSimple CMS Vendor: Cagintranet Networks Vulnerable Version: 2.01 and Probably Prior Versions Vendor Notification: 10 May 2010 Vulnerability Type: XSS Cross Site Scripting Status:...

GetSimple CMS 2.01 Cross Site Scripting

Vulnerability ID: HTB22375 Reference: http://www.htbridge.ch/advisory/xssvulnerabilityingetsimplecms.html Product: GetSimple CMS Vendor: Cagintranet Networks Vulnerable Version: 2.01 and Probably Prior Versions Vendor Notification: 10 May 2010 Vulnerability Type: XSS Cross Site Scripting Status:...

Getsimple CMS 2.01 - components.php Cross-Site Scripting

Getsimple CMS 2.01 - components.php Cross-Site Scripting source: https://www.securityfocus.com/bid/40374/info GetSimple CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary scri...

Getsimple CMS 2.01 - &#039;components.php&#039; Cross-Site Scripting

source: https://www.securityfocus.com/bid/40374/info GetSimple CMS is prone to a cross-site scripting vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the...

Multiple Cross-site Scripting Vulnerabilities in GetSimple CMS

High-Tech Bridge SA Security Research Lab has discovered two vulnerabilities in GetSimple CMS which could be exploited to perform cross-site scripting attacks. 1 Cross-site scripting vulnerability in GetSimple CMS: CVE-2010-5052 The vulnerability exists due to input sanitation error in the "val"...

GetSimple 2.01 Local File Inclusion

Exploit Title: GetSimple 2.01 LFI Date: 4/5/2010 Author: Batch Software Link: http://www.box.net/get-simple Version: 2.01 Special Conditions: Must be admin. Code : ... get file if fileexists$GET'file' readfile$GET'file', 'r'; exit;...

Getsimple CMS 2.01 - Local File Inclusion

Getsimple CMS 2.01 - Local File Inclusion Exploit Title: GetSimple 2.01 LFI Date: 4/5/2010 Author: Batch Software Link: http://www.box.net/get-simple Version: 2.01 Special Conditions: Must be admin. Code : ... get file if fileexists$GET'file' readfile$GET'file', 'r'; exit;...