33 matches found
EUVD-2021-15586
Malware in sbrugna...
EUVD-2019-8834
Malware in sbrugna...
EUVD-2025-12269
Malicious code in bioql PyPI...
CVE-2023-43355
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...
CVE-2019-10107
CMS Made Simple 2.2.10 has XSS via the myaccount.php "Email Address" field, which is reachable via the "My Preferences - My Account" section...
CVE-2025-29621
Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in the Theme configuration under the My Preferences module. This vulnerability allows attackers to manipulate application settings...
CVE-2025-29621
Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in the Theme configuration under the My Preferences module. This vulnerability allows attackers to manipulate application settings...
CVE-2025-29621
CVE-2025-29621 affects RosarioSIS v12.0.0. The issue is a content spoofing vulnerability in the Theme configuration under the My Preferences module that allows attackers to manipulate application settings. The CVSS 3.1 base score is 7.3 (HIGH) with network attack vector, low attack complexity, an...
PT-2025-17591 · Unknown · Rosariosis
Name of the Vulnerable Software and Affected Versions: Francois Jacquet RosarioSIS version 12.0.0 Description: The issue is related to a content spoofing vulnerability found in the Theme configuration under the My Preferences module. This allows attackers to manipulate application settings...
CVE-2025-29621
Francois Jacquet RosarioSIS v12.0.0 was discovered to contain a content spoofing vulnerability in the Theme configuration under the My Preferences module. This vulnerability allows attackers to manipulate application settings...
CVE-2023-43355
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...
Cross site scripting
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...
CMS Made Simple Cross-Site Scripting Vulnerability
CMS Made Simple CMSMS is an open source content management system CMS by Cmsms team. The system supports role-based permission management system, wizard-based installation and update mechanism, intelligent caching mechanism and so on. A cross-site scripting vulnerability exists in CMS Made Simple...
CVE-2023-43355
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...
PT-2023-28800 · Unknown · Cms Made Simple
Name of the Vulnerable Software and Affected Versions: CMSmadesimple version 2.2.18 Description: The issue allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component. This enables the attacker to...
CVE-2023-43355
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component...
CMS Made Simple 2.2.15 Cross Site Scripting
Exploit Title: CMS Made Simple 2.2.15 - 'title' Cross-Site Scripting XSS Date: 2021/03/19 Exploit Author: bt0 Vendor Homepage: http://www.cmsmadesimple.org/ Software Link: https://s3.amazonaws.com/cmsms/downloads/14832/cmsms-2.2.15-install.zip Version: 2.2.15 CVE: CVE-2021-28935...
CMS Made Simple 2.2.15 - (title) Cross-Site Scripting (XSS) Vulnerability
Exploit Title: CMS Made Simple 2.2.15 - 'title' Cross-Site Scripting XSS Exploit Author: bt0 Vendor Homepage: http://www.cmsmadesimple.org/ Software Link: https://s3.amazonaws.com/cmsms/downloads/14832/cmsms-2.2.15-install.zip Version: 2.2.15 CVE: CVE-2021-28935...
CMS Made Simple <= 2.2.16 XSS Vulnerability
CMS Made Simple is prone to a cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2021-28935
CMS Made Simple CMSMS 2.2.15 allows authenticated XSS via the /admin/addbookmark.php script through the Site Admin My Preferences Title field...