CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

39 matches found

OSV•added 2021/10/13 11:15 p.m.•1 views

CVE-2021-41075

The NetFlow Analyzer in Zoho ManageEngine OpManger before 125455 is vulnerable to SQL Injection in the Attacks Module API...

9.8CVSS5.8AI score

Exploits0References1

Fedora•added 2021/09/24 8:40 p.m.•27 views

[SECURITY] Fedora 35 Update: python-pycares-4.0.0-5.fc35

pycares is a Python module which provides an interface to c-ares. c-ares is a C library that performs DNS requests and name resolutions asynchronously...

6.8CVSS2.2AI score0.00044EPSS

Exploits1

OSV•added 2020/09/30 6:15 p.m.•3 views

CVE-2020-22842

CMS Made Simple before 2.2.15 allows XSS via the m1mod parameter in a ModuleManager localuninstall action to admin/moduleinterface.php...

5.4CVSS6.1AI score0.00374EPSS

Exploits1References1

OSV•added 2019/03/26 10:29 p.m.•1 views

CVE-2019-10106

CMS Made Simple 2.2.10 has XSS via the 'moduleinterface.php' Name field, which is reachable via an "Add Category" action to the "Site Admin Settings - News module" section...

5.4CVSS5.8AI score

Exploits0References1

OSV•added 2019/03/24 10:29 p.m.•1 views

CVE-2019-10017

CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, which is reachable via an "Add a new Profile" action to the File Picker...

5.4CVSS6.1AI score

Exploits0References2

CNVD•added 2018/10/16 12:0 a.m.•1 views

CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2018-21252)

CMS Made Simple CMSMS is an open source content management system CMS developed by the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A cross-site scripting vulnerability exists in the...

6.1CVSS6AI score0.0024EPSS

Exploits1References1

CNVD•added 2018/10/16 12:0 a.m.•1 views

CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2018-21249)

6.1CVSS6AI score0.0024EPSS

Exploits1References1

OSV•added 2018/10/12 7:29 p.m.•3 views

CVE-2018-18270

XSS exists in CMS Made Simple version 2.2.7 via the m1newsurl parameter in an admin/moduleinterface.php "Content--News--Add Article" action...

6.1CVSS5.8AI score0.0024EPSS

Exploits1References1

CNVD•added 2018/04/12 12:0 a.m.•1 views

CMS Made Simple admin/moduleinterface.php Cross-Site Request Forgery Vulnerability

CMS Made Simple is a content management system developed using PHP, MySQL and Smarty template engine. A cross-site request forgery vulnerability exists in admin/moduleinterface.php in CMS Made Simple 2.2.7. No detailed vulnerability details are provided at this time...

8.8CVSS6.8AI score0.00171EPSS

Exploits1References1

OSV•added 2018/04/11 7:29 p.m.•2 views

CVE-2018-10031

CMS Made Simple aka CMSMS 2.2.7 has CSRF in admin/moduleinterface.php...

8.8CVSS5.8AI score0.00171EPSS

Exploits1References1

NVD•added 2018/03/12 3:29 a.m.•11 views

CVE-2018-7893

CMS Made Simple CMSMS 2.2.6 has stored XSS in admin/moduleinterface.php via the metadata parameter...

4.8CVSS4.9AI score0.00235EPSS

Exploits1References1

OSV•added 2018/03/12 3:29 a.m.•3 views

CVE-2018-7893

CMS Made Simple CMSMS 2.2.6 has stored XSS in admin/moduleinterface.php via the metadata parameter...

4.8CVSS5.8AI score

Exploits0References1

Cvelist•added 2018/03/12 3:0 a.m.•15 views

CVE-2018-7893

CMS Made Simple CMSMS 2.2.6 has stored XSS in admin/moduleinterface.php via the metadata parameter...

4.9AI score0.00235EPSS

Exploits1References1

CNVD•added 2018/03/12 12:0 a.m.•1 views

CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2018-06376)

4.8CVSS6.1AI score0.00235EPSS

Exploits1References1

CNVD•added 2018/01/26 12:0 a.m.•1 views

CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2018-02620)

CMS Made Simple is a simple, easy-to-use content management system developed using PHP, MySQL and Smarty template engines. A cross-site scripting vulnerability exists in CMS Made Simple CMSMS 2.2.5. The vulnerability can be exploited to conduct cross-site scripting attacks via the m1errors...

4.8CVSS6.2AI score0.00472EPSS

Exploits1References1

CNVD•added 2018/01/26 12:0 a.m.•2 views

CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2018-02621)

CMS Made Simple is a simple, easy-to-use content management system developed using PHP, MySQL and Smarty template engine. A cross-site scripting vulnerability exists in CMS Made Simple CMSMS 2.2.5. The vulnerability can be exploited to conduct cross-site scripting attacks via the m1messages...

4.8CVSS6.2AI score0.00279EPSS

Exploits1References1

CNVD•added 2017/11/13 12:0 a.m.•1 views

CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2017-36502)

5.4CVSS6.3AI score0.00191EPSS

Exploits0References1

OSV•added 2017/11/12 6:29 p.m.•2 views

CVE-2017-16799

In CMS Made Simple 2.2.3.1, in modules/New/action.addcategory.php, stored XSS is possible via the m1name parameter to admin/moduleinterface.php during addition of a category, a related issue to CVE-2010-3882...

5.4CVSS5.8AI score0.00191EPSS

Exploits0References1

OSV•added 2017/03/09 9:59 a.m.•3 views

CVE-2017-6555

Cross-site scripting XSS vulnerability in /admin/moduleinterface.php in CMS Made Simple 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the m1description parameter aka "Design Manager Categories Category Description"...

5.4CVSS5.9AI score

Exploits0References2

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by