Lucene search
K

1249 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 11:25 a.m.8 views

CVE-2021-28999

SQL Injection vulnerability in CMS Made Simple through 2.2.15 allows remote attackers to execute arbitrary commands via the m1sortby parameter to modules/News/function.adminarticlestab.php...

8.8CVSS8.9AI score0.01332EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:55 a.m.7 views

CVE-2022-23907

CMS Made Simple v2.2.15 was discovered to contain a reflected cross-site scripting XSS vulnerability via the parameter m1fmmessage...

6.1CVSS6.1AI score0.00632EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:54 a.m.10 views

CVE-2022-23906

CMS Made Simple v2.2.15 was discovered to contain a Remote Command Execution RCE vulnerability via the upload avatar function. This vulnerability is exploited via a crafted image file...

7.2CVSS7.6AI score0.02087EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:54 a.m.6 views

CVE-2020-23481

CMS Made Simple 2.2.14 was discovered to contain a cross-site scripting XSS vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Field Definition text field...

5.4CVSS6.1AI score0.00461EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:53 a.m.9 views

CVE-2020-10682

The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1files to admin/moduleinterface.php. The file should be sent as application/octet-stream and contain PHP code it need not be a valid JPEG file...

7.8CVSS7.9AI score0.01915EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:50 a.m.6 views

CVE-2020-10681

The Filemanager in CMS Made Simple 2.2.13 has stored XSS via a .pxd file, as demonstrated by m1files to admin/moduleinterface.php...

5.4CVSS5.6AI score0.00623EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2025/11/19 2:23 p.m.272 views

Exploit for SQL Injection in Cmsmadesimple Cms_Made_Simple

Simple-CTF-THM-Writeup This repository is a complete walkthrough...

8.1CVSS8.7AI score0.55958EPSS
Exploits38
EUVD
EUVD
added 2025/11/11 12:30 a.m.6 views

EUVD-2025-50830

An authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple Foundation File Manager v2.2.22 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted PHP file...

7.3AI score0.00435EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/11/11 12:11 a.m.11 views

CVE-2025-63678

An authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple Foundation File Manager v2.2.22 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted PHP file...

7.2CVSS7.8AI score0.00435EPSS
Exploits1References1
OSV
OSV
added 2025/11/10 11:15 p.m.4 views

CVE-2025-63678

An authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple Foundation File Manager v2.2.22 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted PHP file...

7.2CVSS6.1AI score0.00435EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/11/10 12:0 a.m.4 views

CVE-2025-63678

An authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple Foundation File Manager v2.2.22 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted PHP file...

7.4AI score0.00435EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/11/10 12:0 a.m.8 views

CVE-2025-63678

An authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple Foundation File Manager v2.2.22 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted PHP file...

0.00435EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/11/10 12:0 a.m.8 views

PT-2025-46221

Name of the Vulnerable Software and Affected Versions CMS Made Simple Foundation File Manager version 2.2.22 Description An authenticated arbitrary file upload issue exists in the /uploads/ endpoint of the software. An attacker with Administrator privileges can upload a crafted PHP file,...

7.2CVSS7.2AI score0.00435EPSS
Exploits1References6
CNNVD
CNNVD
added 2025/11/10 12:0 a.m.2 views

CMSmadesimple 安全漏洞

CMSmadesimple is an open source content management system from the CMS Made Simple Foundation. A security vulnerability exists in CMSmadesimple version 2.2.22, which originates from the presence of an authenticated, arbitrary file upload in the /uploads/ endpoint and could lead to the execution o...

7.2CVSS7AI score0.00435EPSS
Exploits1References2
CVE
CVE
added 2025/11/10 12:0 a.m.16 views

CVE-2025-63678

Summary: CVE-2025-63678 affects CMS Made Simple Foundation File Manager v2.2.22. An authenticated attacker with Administrator privileges can upload a crafted PHP file to the /uploads/ endpoint, potentially leading to arbitrary code execution. This aligns with multiple sources in the connected doc...

7.2CVSS7.4AI score0.00435EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-2167

Malware in sbrugna...

9.8CVSS9.5AI score0.03926EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2019-2927

Malware in sbrugna...

5.4CVSS5.5AI score0.00917EPSS
Exploits3References5
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2019-18443

Malware in sbrugna...

8.8CVSS8.7AI score0.01599EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2020-12925

Malware in sbrugna...

6.1CVSS6.3AI score0.0328EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-15993

Malware in sbrugna...

4.8CVSS5.1AI score0.00473EPSS
Exploits1References2
Rows per page
Query Builder