Lucene search
K

13 matches found

RedhatCVE
RedhatCVE
added 2026/01/22 5:34 p.m.7 views

CVE-2021-47870

GetSimple CMS My SMTP Contact Plugin 1.1.2 suffers from a Stored Cross-Site Scripting XSS vulnerability. The plugin attempts to sanitize user input using htmlspecialchars, but this can be bypassed by passing dangerous characters as escaped hex bytes. This allows attackers to inject arbitrary...

5.4CVSS5.8AI score0.00229EPSS
Exploits1References1
OSV
OSV
added 2026/01/21 6:16 p.m.4 views

CVE-2021-47830

GetSimple CMS My SMTP Contact Plugin 1.1.1 contains a cross-site request forgery CSRF vulnerability. Attackers can craft a malicious webpage that, when visited by an authenticated administrator, can change SMTP configuration settings in the plugin. This may allow unauthorized changes but does not...

6.5CVSS6AI score0.00349EPSS
Exploits1References5
OSV
OSV
added 2026/01/21 6:16 p.m.5 views

CVE-2021-47778

GetSimple CMS My SMTP Contact Plugin 1.1.2 contains a PHP code injection vulnerability. An authenticated administrator can inject arbitrary PHP code through plugin configuration parameters, leading to remote code execution on the server...

7.2CVSS6.4AI score0.0109EPSS
Exploits1References5
ATTACKERKB
ATTACKERKB
added 2026/01/21 5:29 p.m.3 views

CVE-2021-47778

GetSimple CMS My SMTP Contact Plugin 1.1.2 contains a PHP code injection vulnerability. An authenticated administrator can inject arbitrary PHP code through plugin configuration parameters, leading to remote code execution on the server...

8.6CVSS6.6AI score0.0109EPSS
Exploits1References5Affected Software1
EUVD
EUVD
added 2026/01/21 5:29 p.m.5 views

EUVD-2026-3660

GetSimple CMS My SMTP Contact Plugin 1.1.2 contains a PHP code injection vulnerability. An authenticated administrator can inject arbitrary PHP code through plugin configuration parameters, leading to remote code execution on the server...

8.6CVSS6.7AI score0.0109EPSS
Exploits1References7
EUVD
EUVD
added 2025/10/07 12:30 a.m.3 views

EUVD-2021-16035

Malware in sbrugna...

6.5CVSS6.6AI score0.00557EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/22 7:35 p.m.5 views

CVE-2021-29400

A cross-site request forgery CSRF vulnerability in the My SMTP Contact v1.1.1 plugin for GetSimple CMS allows remote attackers to change the SMTP settings of the contact forms for the webpages of the CMS after an authenticated admin visits a malicious third-party site...

6.5CVSS7AI score0.00557EPSS
Exploits1References1
OSV
OSV
added 2021/08/10 11:15 p.m.4 views

CVE-2021-29400

A cross-site request forgery CSRF vulnerability in the My SMTP Contact v1.1.1 plugin for GetSimple CMS allows remote attackers to change the SMTP settings of the contact forms for the webpages of the CMS after an authenticated admin visits a malicious third-party site...

6.5CVSS5.8AI score0.00557EPSS
Exploits1References1
Prion
Prion
added 2021/08/10 11:15 p.m.16 views

Cross site request forgery (csrf)

A cross-site request forgery CSRF vulnerability in the My SMTP Contact v1.1.1 plugin for GetSimple CMS allows remote attackers to change the SMTP settings of the contact forms for the webpages of the CMS after an authenticated admin visits a malicious third-party site...

4.3CVSS6.5AI score0.00557EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/08/10 10:30 p.m.20 views

CVE-2021-29400

A cross-site request forgery CSRF vulnerability in the My SMTP Contact v1.1.1 plugin for GetSimple CMS allows remote attackers to change the SMTP settings of the contact forms for the webpages of the CMS after an authenticated admin visits a malicious third-party site...

6.7AI score0.00557EPSS
Exploits1References1
CVE
CVE
added 2021/08/10 10:30 p.m.61 views

CVE-2021-29400

CVE-2021-29400 is a cross-site request forgery in the GetSimple CMS environment, affecting the My SMTP Contact plugin v1.1.1. The issue permits an unauthenticated attacker to induce an admin, visiting a malicious site, to change SMTP settings for the CMS contact forms through CSRF. The current so...

6.5CVSS6.4AI score0.00557EPSS
Exploits1References1Affected Software1
CNNVD
CNNVD
added 2021/08/10 12:0 a.m.3 views

GetSimple CMS 跨站请求伪造漏洞

GetSimple CMS is a content management system CMS written in PHP. A security vulnerability exists in the My SMTP Contact v1.1.1 plugin for GetSimple CMS, which stems from a lack of proper validation of client-side data in the WEB application. An attacker can exploit the vulnerability to execute...

6.5CVSS6.7AI score0.00557EPSS
Exploits1References1
Packet Storm
Packet Storm
added 2021/04/16 12:0 a.m.560 views

GetSimple CMS My SMTP Contact 1.1.1 CSRF / Remote Code Execution

Exploit Title: GetSimple CMS My SMTP Contact Plugin = v1.1.1 - CSRF to RCE Exploit Author: Bobby Cooke boku Date: April 15th, 2021 Vendor Homepage: http://get-simple.info Software Link: http://get-simple.info/extend/download.php?file=files/18274/1221/my-smtp-contact1.1.1.zip&id=1221 Vendor:...

Exploits0
Rows per page
Query Builder