24 matches found
EUVD-2019-18447
Malware in sbrugna...
EUVD-2020-7207
Malware in sbrugna...
EUVD-2006-4462
Malware in sbrugna...
EUVD-2019-7644
Malware in sbrugna...
CVE-2020-22842
CMS Made Simple before 2.2.15 allows XSS via the m1mod parameter in a ModuleManager localuninstall action to admin/moduleinterface.php...
CVE-2020-15079
In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions. The problem is fixed in version 1.7.6.6...
CVE-2020-15079
In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions. The problem is fixed in version 1.7.6.6...
CVE-2020-15079
In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions. The problem is fixed in version 1.7.6.6...
Improper access control
In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions. The problem is fixed in version 1.7.6.6...
CVE-2020-15079
In PrestaShop, CVE-2020-15079 affects versions 1.5.0.0 through before 1.7.6.6, caused by improper access control on the Carrier page, Module Manager, and Module Positions. The issue is documented as fixed in version 1.7.6.6. Connected sources corroborate the vulnerability description and fix path...
CVE-2020-14926
CMS Made Simple 2.2.14 allows XSS via a Search Term to the admin/moduleinterface.php?mact=ModuleManager page...
CMS Made Simple <= 2.2.11 Cross-Site Scripting (XSS) Vulnerability
CMS Made Simple is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2019-17226
CMS Made Simple CMSMS 2.2.11 allows XSS via the Site Admin Module Manager Search Term field...
Cross site scripting
CMS Made Simple CMSMS 2.2.11 allows XSS via the Site Admin Module Manager Search Term field...
CVE-2019-17226
CMS Made Simple CMSMS 2.2.11 allows XSS via the Site Admin Module Manager Search Term field...
CVE-2019-9061
An issue was discovered in CMS Made Simple 2.2.8. In the module ModuleManager in the file action.installmodule.php, it is possible to reach an unserialize call with untrusted input and achieve authenticated object injection by using the "install module" feature...
CVE-2019-9061
CMS Made Simple v2.2.8 is affected via the ModuleManager’s action.installmodule.php where an unserialize call with untrusted input can be triggered, enabling authenticated object injection when using the "install module" feature. This is supported across multiple sources (NVD/CVE-2019-9061 and PT...
PT-2019-19344 · Cms Made Simple · Cms Made Simple
Name of the Vulnerable Software and Affected Versions: CMS Made Simple version 2.2.8 Description: An issue was discovered in the ModuleManager module, specifically in the action.installmodule.php file, where it is possible to reach an unserialize call with untrusted input. This can lead to...
CVE-2014-2639
Unspecified vulnerability in HP MPIO Device Specific Module Manager before 4.02.00 allows local users to gain privileges via unknown vectors...
CVE-2014-2639
Unspecified vulnerability in HP MPIO Device Specific Module Manager before 4.02.00 allows local users to gain privileges via unknown vectors...