78 matches found
CVE-2024-22714
Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...
CVE-2024-22715
Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...
Cross site request forgery (csrf)
Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...
Cross site scripting
Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...
CVE-2024-22714
Stupid Simple CMS
CVE-2024-22714
Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...
Stupid Simple CMS Security Vulnerability
Stupid Simple CMS is a content management system by codelyfe individual developer. A security vulnerability exists in Stupid Simple CMS version 1.2.4, which contains a cross-site request forgery CSRF vulnerability via the component /admin-edit.php...
Stupid Simple CMS 安全漏洞
Stupid Simple CMS is a content management system. Stupid Simple CMS suffers from a cross-site scripting vulnerability that stems from the application's lack of effective filtering and escaping of user-supplied data, which can be exploited by an attacker to execute arbitrary web script or HTML by...
CVE-2024-22715
Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...
PT-2024-19535 · Unknown · Stupid Simple Cms
Name of the Vulnerable Software and Affected Versions: Stupid Simple CMS versions =1.2.4 Description: A Cross-Site Request Forgery CSRF issue was discovered in the /admin-edit.php component. This allows for potential unauthorized actions on the affected system. Recommendations: For versions =1.2....
CVE-2024-22714
Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...
CVE-2024-22715
Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...
CVE-2024-22715
Summary (from provided records): Stupid Simple CMS
CVE-2023-7041
A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. The manipulation of the argument newName leads to path traversal: '../filedir'. The attack may be...
CVE-2023-7040
A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown functionality of the file /file-manager/rename.php. The manipulation of the argument oldName leads to path traversal: '../filedir'. The attack can be launche...
Path traversal
A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown functionality of the file /file-manager/rename.php. The manipulation of the argument oldName leads to path traversal: '../filedir'. The attack can be launche...
Path traversal
A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. The manipulation of the argument newName leads to path traversal: '../filedir'. The attack may be...
CVE-2023-7041 codelyfe Stupid Simple CMS rename.php path traversal
A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. The manipulation of the argument newName leads to path traversal: '../filedir'. The attack may be...
CVE-2023-7041
CVE-2023-7041 details a path traversal vulnerability in codelyfe Stupid Simple CMS
CVE-2023-7040
CVE-2023-7040 affects codelyfe Stupid Simple CMS up to v1.2.4. The vulnerability is in /file-manager/rename.php where manipulation of the oldName argument enables path traversal to ../filedir. It can be exploited remotely and has public disclosure. The vulnerability is tracked as VDB-248689. Miti...