Lucene search
+L

78 matches found

OSV
OSV
added 2024/01/17 6:15 p.m.4 views

CVE-2024-22714

Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...

6.1CVSS5.8AI score0.00376EPSS
Exploits1References1
OSV
OSV
added 2024/01/17 6:15 p.m.4 views

CVE-2024-22715

Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...

8.8CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2024/01/17 6:15 p.m.21 views

Cross site request forgery (csrf)

Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...

6.8CVSS7.8AI score0.00303EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2024/01/17 6:15 p.m.16 views

Cross site scripting

Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...

5.8CVSS6.2AI score0.00376EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/01/17 12:0 a.m.216 views

CVE-2024-22714

Stupid Simple CMS

6.1CVSS5.9AI score0.00376EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/01/17 12:0 a.m.3 views

CVE-2024-22714

Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...

6AI score0.00376EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/01/17 12:0 a.m.6 views

Stupid Simple CMS Security Vulnerability

Stupid Simple CMS is a content management system by codelyfe individual developer. A security vulnerability exists in Stupid Simple CMS version 1.2.4, which contains a cross-site request forgery CSRF vulnerability via the component /admin-edit.php...

8.8CVSS6.8AI score0.00303EPSS
Exploits1References3
CNNVD
CNNVD
added 2024/01/17 12:0 a.m.4 views

Stupid Simple CMS 安全漏洞

Stupid Simple CMS is a content management system. Stupid Simple CMS suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary web script or HTML by...

6.1CVSS6AI score0.00376EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2024/01/17 12:0 a.m.2 views

CVE-2024-22715

Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...

8.9AI score0.00303EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2024/01/17 12:0 a.m.7 views

PT-2024-19535 · Unknown · Stupid Simple Cms

Name of the Vulnerable Software and Affected Versions: Stupid Simple CMS versions =1.2.4 Description: A Cross-Site Request Forgery CSRF issue was discovered in the /admin-edit.php component. This allows for potential unauthorized actions on the affected system. Recommendations: For versions =1.2....

8.8CVSS8.6AI score0.00303EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/01/17 12:0 a.m.21 views

CVE-2024-22714

Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...

6.2AI score0.00376EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/01/17 12:0 a.m.29 views

CVE-2024-22715

Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...

9.1AI score0.00303EPSS
Exploits1References1
CVE
CVE
added 2024/01/17 12:0 a.m.215 views

CVE-2024-22715

Summary (from provided records): Stupid Simple CMS

8.8CVSS8.8AI score0.00303EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2023/12/21 8:15 p.m.23 views

CVE-2023-7041

A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. The manipulation of the argument newName leads to path traversal: '../filedir'. The attack may be...

5.5CVSS0.00906EPSS
Exploits1References3
NVD
NVD
added 2023/12/21 8:15 p.m.19 views

CVE-2023-7040

A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown functionality of the file /file-manager/rename.php. The manipulation of the argument oldName leads to path traversal: '../filedir'. The attack can be launche...

6.5CVSS0.00764EPSS
Exploits1References3
Prion
Prion
added 2023/12/21 8:15 p.m.22 views

Path traversal

A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown functionality of the file /file-manager/rename.php. The manipulation of the argument oldName leads to path traversal: '../filedir'. The attack can be launche...

4CVSS7.1AI score0.00764EPSS
Exploits1References3Affected Software1
Prion
Prion
added 2023/12/21 8:15 p.m.21 views

Path traversal

A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. The manipulation of the argument newName leads to path traversal: '../filedir'. The attack may be...

5.5CVSS7.1AI score0.00906EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/12/21 8:0 p.m.35 views

CVE-2023-7041 codelyfe Stupid Simple CMS rename.php path traversal

A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. The manipulation of the argument newName leads to path traversal: '../filedir'. The attack may be...

5.5CVSS5.8AI score0.00906EPSS
Exploits1References3
CVE
CVE
added 2023/12/21 8:0 p.m.59 views

CVE-2023-7041

CVE-2023-7041 details a path traversal vulnerability in codelyfe Stupid Simple CMS

5.5CVSS5.5AI score0.00906EPSS
Exploits1References3Affected Software1
CVE
CVE
added 2023/12/21 7:31 p.m.62 views

CVE-2023-7040

CVE-2023-7040 affects codelyfe Stupid Simple CMS up to v1.2.4. The vulnerability is in /file-manager/rename.php where manipulation of the oldName argument enables path traversal to ../filedir. It can be exploited remotely and has public disclosure. The vulnerability is tracked as VDB-248689. Miti...

6.5CVSS5.5AI score0.00764EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder