197 matches found
CVE-2023-6902
A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. This vulnerability affects unknown code of the file /file-manager/upload.php. The manipulation of the argument file leads to unrestricted upload. The exploit has been disclosed to the public and m...
Design/Logic Flaw
A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. This vulnerability affects unknown code of the file /file-manager/upload.php. The manipulation of the argument file leads to unrestricted upload. The exploit has been disclosed to the public and m...
CVE-2023-6902 codelyfe Stupid Simple CMS upload.php unrestricted upload
A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. This vulnerability affects unknown code of the file /file-manager/upload.php. The manipulation of the argument file leads to unrestricted upload. The exploit has been disclosed to the public and m...
CVE-2023-6902
CVE-2023-6902 affects codelyfe Stupid Simple CMS up to version 1.2.4. The vulnerability resides in the file /file-manager/upload.php, where manipulation of the file parameter enables unrestricted file upload. The description indicates the exploit has been disclosed publicly, posing a risk of remo...
CVE-2023-6901
A vulnerability, which was classified as critical, was found in codelyfe Stupid Simple CMS up to 1.2.3. This affects an unknown part of the file /terminal/handle-command.php of the component HTTP POST Request Handler. The manipulation of the argument command with the input whoami leads to os...
CVE-2023-6901
A vulnerability, which was classified as critical, was found in codelyfe Stupid Simple CMS up to 1.2.3. This affects an unknown part of the file /terminal/handle-command.php of the component HTTP POST Request Handler. The manipulation of the argument command with the input whoami leads to os...
Command injection
A vulnerability, which was classified as critical, was found in codelyfe Stupid Simple CMS up to 1.2.3. This affects an unknown part of the file /terminal/handle-command.php of the component HTTP POST Request Handler. The manipulation of the argument command with the input whoami leads to os...
CVE-2023-6901 codelyfe Stupid Simple CMS HTTP POST Request handle-command.php os command injection
A vulnerability, which was classified as critical, was found in codelyfe Stupid Simple CMS up to 1.2.3. This affects an unknown part of the file /terminal/handle-command.php of the component HTTP POST Request Handler. The manipulation of the argument command with the input whoami leads to os...
CVE-2023-6901
CVE-2023-6901 affects codelyfe Stupid Simple CMS versions up to 1.2.3. The vulnerability lies in the HTTP POST Request Handler’s file /terminal/handle-command.php, where using the argument with input “whoami” enables an OS command injection. The issue is exploitable remotely and an exploit has be...
Stupid Simple CMS Operating System Command Injection Vulnerability
Stupid Simple CMS is a content management system by codelyfe individual developer. Stupid Simple CMS 1.2.3 and earlier versions have an operating system command injection vulnerability, which stems from an operating system command injection vulnerability in the file /terminal/handle-command.php...
Stupid Simple CMS Code Issue Vulnerability
Stupid Simple CMS is a content management system by codelyfe individual developer. A code issue vulnerability exists in Stupid Simple CMS 1.2.4 and earlier versions, which stems from an arbitrary file upload vulnerability in file/file manager/upload.php...
CVE-2023-46042
An issue in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via a crafted payload to the phpinfo...
PHPJabbers Simple CMS 5.0 Cross Site Scripting
Exploit Title: PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting XSS Date: 2023-04-29 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Steps to Reproduce - Please...
PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting Vulnerability
Exploit Title: PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting XSS Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Steps to Reproduce - Please login from this...
PHPJabbers Simple CMS 5.0 - SQL Injection Vulnerability
Exploit Title: PHPJabbers Simple CMS 5.0 - SQL Injection Date: 2023-04-29 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Request GET...
PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting (XSS)
Exploit Title: PHPJabbers Simple CMS V5.0 - Stored Cross-Site Scripting XSS Date: 2023-04-29 Exploit Author: Ahmet Ümit BAYRAM Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/ Version: 5.0 Tested on: Kali Linux Steps to Reproduce - Please...
Simplephpscripts Simple CMS 2.1 - (Multiple) Stored Cross-Site Scripting Vulnerability
Exploit Title: Simplephpscripts Simple CMS 2.1 - 'Multiple' Stored Cross-Site Scripting XSS Vendor Homepage: https://simplephpscripts.com/simple-cms-php Version: 2.1 Product & Service Introduction: =============================== The system could be used only in already existing websites to contr...
PHPJabbers Simple CMS 5 - (name) Persistent Cross-Site Scripting Vulnerability
Exploit Title: PHPJabbers Simple CMS 5 - 'name' Persistent Cross-Site Scripting XSS Google Dork: subtitle:Copyright © 2021 PHPJabbers.com Date: 2021-10-28 Exploit Author: Vulnerability-Lab Vendor Homepage: https://www.phpjabbers.com/faq.php Software Link: https://www.phpjabbers.com/simple-cms/...
Simplephpscripts Simple CMS 2.1 SQL Injection
Document Title: =============== Simplephpscripts Simple CMS v2.1 - SQL Injection References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2303 Release Date: ============= 2021-10-19 Vulnerability Laboratory ID VL-ID: ==================================== 2303...
Simplephpscripts Simple CMS v2.1 - Persistent Vulnerability
Document Title: =============== Simplephpscripts Simple CMS v2.1 - Persistent Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2302 Release Date: ============= 2021-10-18 Vulnerability Laboratory ID VL-ID: ==================================...