34 matches found
CVE-2024-39248
A cross-site scripting XSS vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php...
EUVD-2007-4934
Malware in sbrugna...
EUVD-2024-37878
Malicious code in bioql PyPI...
SimpCMS Cross-Site Scripting Vulnerability
SimpCMS is an easy-to-use CMS based on PureEdit. A cross-site scripting vulnerability exists in SimpCMS version 0.1, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary web script or HTML via a...
CVE-2024-39248
A cross-site scripting XSS vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php...
CVE-2024-39248
A cross-site scripting XSS vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php...
CVE-2024-39248
A cross-site scripting XSS vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php...
CVE-2024-39248
SimpCMS v0.1 is affected by an XSS in the Title field at /admin.php. Root cause cited across sources is lack of proper filtering/escaping of user input, enabling arbitrary web script or HTML execution. Impacted functionality is the admin input for the Title, with the potential for full script exe...
SimpCMS 安全漏洞
SimpCMS is an easy-to-use CMS based on PureEdit. A cross-site scripting vulnerability exists in SimpCMS version 0.1, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary web script or HTML via a...
PT-2024-28408 · Simpcms · Simpcms
Name of the Vulnerable Software and Affected Versions: SimpCMS version 0.1 Description: A cross-site scripting XSS vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at the "/admin.php" API endpoint. Recommendations: For...
CVE-2024-39248
A cross-site scripting XSS vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php...
SimpCMS 0.1 Cross Site Scripting
Exploit Title: SimpCMS v0.1 - Cross Site Scripting XSS Date: 26-06-2024 CVE: CVE-2024-39248 Exploit Author: Jason Jacobs 0xjasonjacobs Vendor Homepage: https://sourceforge.net/projects/simpcms/ Software Link: https://sourceforge.net/projects/simpcms/ Category: Web Application Version: 0.1...
Exploit for Cross-site Scripting in Fikeulous Simpcms
Exploit Title: SimpCMS v0.1 - Cross Site Scripting XSS C...
SimpCMS <= all (keyword) Remote SQL Injection Vulnerability
No description provided by source. SimpCMS = all Remote SQL Injection Vulnerability Found By : ú Cold z3ro , http://www.hackteach.org/ Script : http://www.simpcms.com/ ==================================== Exploit :...
SimpCMS <= 04.10.2007 (site) Remote File Inclusion Vulnerability
No description provided by source. Bug Found By Dr.RoVeR --Arab48 Hacker Contact: [email protected] --- Script: SimpCMS Light Download: http://www.simpcms.com/light/normal/simp-cms-light.zip -- Bug File: index.php Bug code in line 31: include $site..php; -- Exploit:...
Sql injection
SQL injection vulnerability in index.php in SimpCMS allows remote attackers to execute arbitrary SQL commands via the keyword parameter in a search site action...
CVE-2007-4953
SQL injection vulnerability in index.php in SimpCMS allows remote attackers to execute arbitrary SQL commands via the keyword parameter in a search site action...
CVE-2007-4953
SimpCMS CVE-2007-4953 is a SQL injection vulnerability in index.php where a remote attacker can influence the keyword parameter of a search site action to execute arbitrary SQL. The entry details a high-severity issue (CVSSv2 base score 7.5) with network attack vector and no authentication requir...
CVE-2007-4953
SQL injection vulnerability in index.php in SimpCMS allows remote attackers to execute arbitrary SQL commands via the keyword parameter in a search site action...
simpcms-sql.txt
SimpCMS = all Remote SQL Injection Vulnerability Found By : ú Cold z3ro , http://www.hackteach.org/ Script : http://www.simpcms.com/ ==================================== Exploit : /index.php?site=search&keyword=1'//union//select//0,1,2,3,name,5,6//from//categories/ OR /index.php?site=search in...