19 matches found
EUVD-2017-18604
Malware in sbrugna...
EUVD-2017-18605
Malware in sbrugna...
CVE-2017-9674
In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on index.php/content/text/1?returnurl=XSS exploitable as a regular or admin user...
CVE-2017-9673
In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account via the index.php/user/new URI or change its settings via the index.php/user/1 URI, including its password...
simpleCE Cross-Site Scripting Vulnerability
simpleCE is a simple content management system with a front-end editor mode . A cross-site scripting vulnerability exists in simpleCE in index.php/content/text/1?returnurl=XSS, which allows an attacker to exploit the vulnerability to gain normal user or administrator privileges...
simpleCE Cross-Site Request Forgery Vulnerability
simpleCE is a simple content management system with a front-end editor mode . A cross-site request forgery vulnerability exists in simpleCE, which allows attackers to add an administrator account via index.php/user/new URI or change its settings via index.php/user/1 URI, including its password...
CVE-2017-9674
In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on index.php/content/text/1?returnurl=XSS exploitable as a regular or admin user...
Cross site scripting
In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on index.php/content/text/1?returnurl=XSS exploitable as a regular or admin user...
CVE-2017-9673
In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account via the index.php/user/new URI or change its settings via the index.php/user/1 URI, including its password...
CVE-2017-9674
In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on index.php/content/text/1?returnurl=XSS exploitable as a regular or admin user...
CVE-2017-9674
In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on index.php/content/text/1?returnurl=XSS exploitable as a regular or admin user...
CVE-2017-9673
In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account via the index.php/user/new URI or change its settings via the index.php/user/1 URI, including its password...
CVE-2017-9673
In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account via the index.php/user/new URI or change its settings via the index.php/user/1 URI, including its password...
Cross site request forgery (csrf)
In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account via the index.php/user/new URI or change its settings via the index.php/user/1 URI, including its password...
CVE-2017-9674
CVE-2017-9674 affects SimpleCE 2.3.0. An authenticated cross-site scripting (XSS) vulnerability exists on the endpoint index.php/content/text/1?return_url=[XSS], exploitable by a regular user or an admin user. The issue is described consistently across multiple sources in the connected documents,...
CVE-2017-9673
CVE-2017-9673 affects SimpleCE 2.3.0 and arises from a Cross-Site Request Forgery (CSRF) vulnerability. The issue enables an attacker to add an administrator account (via index.php/user/new) or modify administrator settings, including the password (via index.php/user/1). Documents consistently de...
CVE-2017-9674
In SimpleCE 2.3.0, an authenticated XSS vulnerability was found on index.php/content/text/1?returnurl=XSS exploitable as a regular or admin user...
CVE-2017-9673
In SimpleCE 2.3.0, a CSRF vulnerability can be exploited to add an administrator account via the index.php/user/new URI or change its settings via the index.php/user/1 URI, including its password...
SimpleCE 2.3.0 Cross Site Request Forgery / Cross Site Scripting
Exploit Title: SimpleCE 2.3.0 - Multiple Vulnerabilities XSS CSRF Date: 2017-06-14 Exploit Author: 8bitsec Vendor Homepage: http://simplece.com Software Link: https://codecanyon.net/item/simplece-v2-mini-cms/9140868 Version: 2.3.0, probably older versions Tested on: Kali Linux 2.0 | Mac OS 10.12....