197 matches found
Simplephpscripts Simple CMS v2.1 - XSS Web Vulnerability
Document Title: =============== Simplephpscripts Simple CMS v2.1 - XSS Web Vulnerability References Source: ==================== https://www.vulnerability-lab.com/getcontent.php?id=2301 Release Date: ============= 2021-10-17 Vulnerability Laboratory ID VL-ID: ====================================...
daveismyname simple-cms authentication flaw vulnerability
daveismyname simple-cms is a content management system CMS. A security vulnerability exists in daveismyname simple-cms on 2014-03-11 and earlier versions, which stems from adding pages without authentication. An attacker can exploit the vulnerability to add pages...
daveismyname simple-cms cross-site request forgery vulnerability
daveismyname simple-cms is a content management system CMS. A cross-site request forgery vulnerability exists in daveismyname simple-cms version 2014-03-11 and earlier. A remote attacker can exploit this vulnerability to delete arbitrary pages with the help of the admin/?delpage=8 URL...
CVE-2018-15564
An issue was discovered in daveismyname simple-cms through 2014-03-11. There is a CSRF vulnerability that can delete any page via admin/?delpage=8...
CVE-2018-15565
An issue was discovered in daveismyname simple-cms through 2014-03-11. admin/addpage.php does not require authentication for adding a page. This can also be exploited via CSRF...
CVE-2018-15564
An issue was discovered in daveismyname simple-cms through 2014-03-11. There is a CSRF vulnerability that can delete any page via admin/?delpage=8...
Cross site request forgery (csrf)
An issue was discovered in daveismyname simple-cms through 2014-03-11. There is a CSRF vulnerability that can delete any page via admin/?delpage=8...
Cross site request forgery (csrf)
An issue was discovered in daveismyname simple-cms through 2014-03-11. admin/addpage.php does not require authentication for adding a page. This can also be exploited via CSRF...
CVE-2018-15565
An issue was discovered in daveismyname simple-cms through 2014-03-11. admin/addpage.php does not require authentication for adding a page. This can also be exploited via CSRF...
CVE-2018-15564
An issue was discovered in daveismyname simple-cms through 2014-03-11. There is a CSRF vulnerability that can delete any page via admin/?delpage=8...
CVE-2018-15565
The CVE-2018-15565 entry relates to daveismyname simple-cms where admin/addpage.php does not require authentication, enabling page addition without login and enabling CSRF exploitation. Across connected sources (CNVD-2018-16302, NVD/CVE-2018-15565, PRION) the issue is described as an authenticati...
CVE-2018-15564
Summary: daveismyname simple-cms (up to 2014-03-11) contains a CSRF vulnerability that can delete any page via the URL admin/?delpage=8. Impact: page deletion via CSRF; no additional exploit details or affected versions beyond the stated date are provided in the connected documents. Notes: no pat...
CVE-2013-10032
creationtimestamp| type| source ---|---|--- 2018-05-29 15:50:33+00:00| seen| https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/unix/webapp/getsimplecmsuploadexec.rb 2025-10-23 21:12:57+00:00| seen| MISP/a9d21043-f825-4bac-8d2b-56fb9e8343e7...
Free Simple CMS Cross-Site Scripting Vulnerability
Free Simple CMS is an open source content management system CMS. The system supports customized templates and other features. A cross-site scripting vulnerability exists in Free Simple CMS, which stems from the program's failure to adequately filter user-submitted input. When a user browses the...
Free Simple CMS Local File Inclusion Vulnerability
Free Simple CMS is an open source content management system CMS. The system supports customized templates and other features. A local file inclusion vulnerability exists in Free Simple CMS, which stems from the program failing to adequately filter user-submitted input. An attacker can read and...
Get Simple CMS 3.3.3 CSRF / XSS / Clickjacking
Affected Vendor: http://get-simple.info/ Date: 23/09/2014 Discovered by: JoeV Type of vulnerability: CSRF, Click-jacking, DOM based XSS and XSS Tested on: Windows 7 Version : 3.3.3 Description: Get Simple CMS v 3.3.3 is susceptible to multiple vulnerabilities such as CSRF, Click-jacking, DOM base...
Get Simple CMS 3.3.3 CSRF / XSS / Clickjacking Vulnerabilities
Get Simple CMS version 3.3.3 suffers from cross site request forgery, clickjacking, and various cross site scripting vulnerabilities. Affected Vendor: http://get-simple.info/ Date: 23/09/2014 Discovered by: JoeV Type of vulnerability: CSRF, Click-jacking, DOM based XSS and XSS Tested on: Windows ...
B-Hind CMS (tiny_mce) Remote File Upload
No description provided by source. Title: B-Hind CMS tinymce Remote File Upload Vendor: http://www.b-hind.eu/ AUTHOR: innrwrld & h00die DESCRIPTION by vendor: B-interference Lite is a simple CMS for small websites. Ideal for local merchants or organizations. The content of page can be adjusted by...
Free Simple CMS 1.0 - Multiple Vulnerabilities
No description provided by source...
Engine by Avatarus Simple CMS - SQL Injection Vulnerability
Document Title: =============== Engine by Avatarus Simple CMS - SQL Injection Vulnerability References Source: ==================== http://www.vulnerability-lab.com/getcontent.php?id=388 Release Date: ============= 2012-01-18 Vulnerability Laboratory ID VL-ID: ====================================...