Lucene search
+L

197 matches found

Vulnerability Lab
Vulnerability Lab
added 2021/10/17 12:0 a.m.72 views

Simplephpscripts Simple CMS v2.1 - XSS Web Vulnerability

Document Title: =============== Simplephpscripts Simple CMS v2.1 - XSS Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2301 Release Date: ============= 2021-10-17 Vulnerability Laboratory ID VL-ID: ====================================...

7.4AI score
Exploits0
CNVD
CNVD
added 2018/08/21 12:0 a.m.3 views

daveismyname simple-cms authentication flaw vulnerability

daveismyname simple-cms is a content management system CMS. A security vulnerability exists in daveismyname simple-cms on 2014-03-11 and earlier versions, which stems from adding pages without authentication. An attacker can exploit the vulnerability to add pages...

8.8CVSS8.7AI score0.0057EPSS
Exploits1References1
CNVD
CNVD
added 2018/08/21 12:0 a.m.4 views

daveismyname simple-cms cross-site request forgery vulnerability

daveismyname simple-cms is a content management system CMS. A cross-site request forgery vulnerability exists in daveismyname simple-cms version 2014-03-11 and earlier. A remote attacker can exploit this vulnerability to delete arbitrary pages with the help of the admin/?delpage=8 URL...

8.8CVSS8.9AI score0.00465EPSS
Exploits0References1
OSV
OSV
added 2018/08/20 1:29 a.m.4 views

CVE-2018-15564

An issue was discovered in daveismyname simple-cms through 2014-03-11. There is a CSRF vulnerability that can delete any page via admin/?delpage=8...

8.8CVSS5.8AI score0.00465EPSS
Exploits0References1
NVD
NVD
added 2018/08/20 1:29 a.m.14 views

CVE-2018-15565

An issue was discovered in daveismyname simple-cms through 2014-03-11. admin/addpage.php does not require authentication for adding a page. This can also be exploited via CSRF...

8.8CVSS8.8AI score0.0057EPSS
Exploits1References2
NVD
NVD
added 2018/08/20 1:29 a.m.12 views

CVE-2018-15564

An issue was discovered in daveismyname simple-cms through 2014-03-11. There is a CSRF vulnerability that can delete any page via admin/?delpage=8...

8.8CVSS8.7AI score0.00465EPSS
Exploits0References1
Prion
Prion
added 2018/08/20 1:29 a.m.13 views

Cross site request forgery (csrf)

An issue was discovered in daveismyname simple-cms through 2014-03-11. There is a CSRF vulnerability that can delete any page via admin/?delpage=8...

6.8CVSS8.6AI score0.00465EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2018/08/20 1:29 a.m.18 views

Cross site request forgery (csrf)

An issue was discovered in daveismyname simple-cms through 2014-03-11. admin/addpage.php does not require authentication for adding a page. This can also be exploited via CSRF...

6.8CVSS8.7AI score0.0057EPSS
Exploits1References2Affected Software1
OSV
OSV
added 2018/08/20 1:29 a.m.4 views

CVE-2018-15565

An issue was discovered in daveismyname simple-cms through 2014-03-11. admin/addpage.php does not require authentication for adding a page. This can also be exploited via CSRF...

8.8CVSS5.8AI score0.0057EPSS
Exploits1References2
Cvelist
Cvelist
added 2018/08/20 1:0 a.m.17 views

CVE-2018-15564

An issue was discovered in daveismyname simple-cms through 2014-03-11. There is a CSRF vulnerability that can delete any page via admin/?delpage=8...

8.7AI score0.00465EPSS
Exploits0References1
CVE
CVE
added 2018/08/20 1:0 a.m.40 views

CVE-2018-15565

The CVE-2018-15565 entry relates to daveismyname simple-cms where admin/addpage.php does not require authentication, enabling page addition without login and enabling CSRF exploitation. Across connected sources (CNVD-2018-16302, NVD/CVE-2018-15565, PRION) the issue is described as an authenticati...

8.8CVSS8.7AI score0.0057EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2018/08/20 1:0 a.m.38 views

CVE-2018-15564

Summary: daveismyname simple-cms (up to 2014-03-11) contains a CSRF vulnerability that can delete any page via the URL admin/?delpage=8. Impact: page deletion via CSRF; no additional exploit details or affected versions beyond the stated date are provided in the connected documents. Notes: no pat...

8.8CVSS8.6AI score0.00465EPSS
Exploits0References1Affected Software1
Circl
Circl
added 2018/05/29 3:50 p.m.8 views

CVE-2013-10032

creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/getsimplecmsuploadexec.rb 2025-10-23 21:12:57+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...

8.8CVSS5.7AI score0.02484EPSS
Exploits1References1
CNVD
CNVD
added 2015/03/30 12:0 a.m.4 views

Free Simple CMS Cross-Site Scripting Vulnerability

Free Simple CMS is an open source content management system CMS. The system supports customized templates and other features. A cross-site scripting vulnerability exists in Free Simple CMS, which stems from the program's failure to adequately filter user-submitted input. When a user browses the...

6.7AI score
Exploits0References1
CNVD
CNVD
added 2015/03/27 12:0 a.m.3 views

Free Simple CMS Local File Inclusion Vulnerability

Free Simple CMS is an open source content management system CMS. The system supports customized templates and other features. A local file inclusion vulnerability exists in Free Simple CMS, which stems from the program failing to adequately filter user-submitted input. An attacker can read and...

7.1AI score
Exploits0References1
Packet Storm
Packet Storm
added 2014/09/23 12:0 a.m.23 views

Get Simple CMS 3.3.3 CSRF / XSS / Clickjacking

Affected Vendor: http://get-simple.info/ Date: 23/09/2014 Discovered by: JoeV Type of vulnerability: CSRF, Click-jacking, DOM based XSS and XSS Tested on: Windows 7 Version : 3.3.3 Description: Get Simple CMS v 3.3.3 is susceptible to multiple vulnerabilities such as CSRF, Click-jacking, DOM base...

0.6AI score
Exploits0
0day.today
0day.today
added 2014/09/23 12:0 a.m.26 views

Get Simple CMS 3.3.3 CSRF / XSS / Clickjacking Vulnerabilities

Get Simple CMS version 3.3.3 suffers from cross site request forgery, clickjacking, and various cross site scripting vulnerabilities. Affected Vendor: http://get-simple.info/ Date: 23/09/2014 Discovered by: JoeV Type of vulnerability: CSRF, Click-jacking, DOM based XSS and XSS Tested on: Windows ...

6.8AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.19 views

B-Hind CMS (tiny_mce) Remote File Upload

No description provided by source. Title: B-Hind CMS tinymce Remote File Upload Vendor: http://www.b-hind.eu/ AUTHOR: innrwrld & h00die DESCRIPTION by vendor: B-interference Lite is a simple CMS for small websites. Ideal for local merchants or organizations. The content of page can be adjusted by...

7.1AI score
Exploits0
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.16 views

Free Simple CMS 1.0 - Multiple Vulnerabilities

No description provided by source...

7.1AI score
Exploits0
Vulnerability Lab
Vulnerability Lab
added 2012/01/18 12:0 a.m.17 views

Engine by Avatarus Simple CMS - SQL Injection Vulnerability

Document Title: =============== Engine by Avatarus Simple CMS - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=388 Release Date: ============= 2012-01-18 Vulnerability Laboratory ID VL-ID: ====================================...

0.5AI score
Exploits0
Rows per page
Query Builder