197 matches found
Cross site request forgery (csrf)
Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /savesettings.php...
Cross site scripting
Stupid Simple CMS 1.2.4 is vulnerable to Cross Site Scripting XSS within the blog title of the settings...
Cross site request forgery (csrf)
Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via /update-article.php...
CVE-2024-27689
Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via /update-article.php...
CVE-2024-27558
Stupid Simple CMS 1.2.4 is vulnerable to Cross Site Scripting XSS within the blog title of the settings...
Stupid Simple CMS Security Vulnerability
Stupid Simple CMS is a content management system by codelyfe individual developer. A security vulnerability exists in Stupid Simple CMS v1.2.4 and earlier versions, which stems from a cross-site request forgery CSRF vulnerability in component/savesettings.php...
CVE-2024-27559
CVE-2024-27559 – Stupid Simple CMS : A CSRF vulnerability exists in Stupid Simple CMS v1.2.4 via the component /save_settings.php. The CVSS 3.1 base metrics indicate a MEDIUM severity (6.3) with network attack vector, low attack complexity, and LOW impact on confidentiality, integrity, and availa...
CVE-2024-27559
Stupid Simple CMS v1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /savesettings.php...
Stupid Simple CMS Security Vulnerability
Stupid Simple CMS is a content management system by codelyfe individual developer. A security vulnerability exists in Stupid Simple CMS v1.2.4, which stems from a cross-site request forgery CSRF vulnerability via /update-article.php...
Stupid Simple CMS Security Vulnerability
Stupid Simple CMS is a content management system by codelyfe individual developer. A security vulnerability exists in Stupid Simple CMS v1.2.4 and earlier versions, which stems from a cross-site scripting XSS vulnerability...
CVE-2024-27689
The vulnerability CVE-2024-27689 affects Stupid Simple CMS v1.2.4 and is a Cross-Site Request Forgery (CSRF) via /update-article.php. CVSSv3.1 base score 8.8 ( HIGH ); attack vector Network, privileges required NONE, user interaction REQUIRED, confidentiality/ integrity/ availability HIGH. Connec...
CVE-2024-27558
CVE-2024-27558 affects Stupid Simple CMS 1.2.4. The vulnerability is a Cross Site Scripting (XSS) flaw in the blog title field within the settings UI. Affected software is the Stupid Simple CMS product; the exact vulnerable component is the blog title input handling in the settings page. The desc...
CVE-2024-22715
Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...
CVE-2024-22715
Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...
CVE-2024-22714
Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...
Cross site scripting
Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...
Cross site request forgery (csrf)
Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...
Stupid Simple CMS Security Vulnerability
Stupid Simple CMS is a content management system by codelyfe individual developer. A security vulnerability exists in Stupid Simple CMS version 1.2.4, which contains a cross-site request forgery CSRF vulnerability via the component /admin-edit.php...
CVE-2024-22714
Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...
CVE-2024-22714
Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...