CVE-2025-28091

CVE-2025-28091 pertains to the maccms10 package, version 2025.1000.4047, which is affected by a Server-Side Request Forgery (SSRF) in the Add Article feature. The vulnerability is documented across multiple sources (NVD, Red Hat, CVE list, etc.), confirming the affected product and the vulnerabil...

CVE-2020-36414

A stored cross scripting XSS vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "URL slug" or "Extra" fields under the "Add Article" feature...

CVE-2017-7257

XSS exists in the CMS Made Simple CMSMS 2.1.6 "Content--News--Add Article" feature via the m1content parameter. Someone must login to conduct the attack...

PT-2017-17616 · Cms Made Simple · Cms Made Simple

Name of the Vulnerable Software and Affected Versions: CMS Made Simple versions 2.1.6 Description: A security issue exists in the "Content--News--Add Article" feature of the software, where an attacker can exploit the m1 content parameter to conduct a cross-site scripting XSS attack. This attack...