PT-2024-18114 · Unknown · Cms Made Simple

Name of the Vulnerable Software and Affected Versions: CMS Made Simple version 2.2.14 Description: The issue arises from insufficient encoding of user-controlled input, leading to a Cross-Site Scripting XSS vulnerability. This vulnerability can be exploited through the /admin/moduleinterface.php...

CMS Made Simple Cross-Site Scripting Vulnerability (CNVD-2020-64604)

CMS Made Simple CMSMS is an open source content management system CMS from the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A cross-site scripting vulnerability exists in CMS Made...

CMS Made Simple admin/moduleinterface.php Reflective Cross-Site Scripting Vulnerability

CMS Made Simple is a content management system developed using PHP, MySQL and Smarty template engine. A reflected cross-site scripting vulnerability exists in admin/moduleinterface.php in CMS Made Simple 2.2.7. The vulnerability can be exploited to conduct cross-site scripting attacks via the...

CVE-2018-10032

CMS Made Simple aka CMSMS 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1version parameter...

CVE-2018-10029

CMS Made Simple aka CMSMS 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1name parameter, related to moduledepends, a different vulnerability than CVE-2017-16799...

CVE-2018-5965

CMS Made Simple CMSMS 2.2.5 has XSS in admin/moduleinterface.php via the m1errors parameter...

CVE-2018-5964

CMS Made Simple CMSMS 2.2.5 has XSS in admin/moduleinterface.php via the m1messages parameter...

CVE-2017-16799

In CMS Made Simple 2.2.3.1, in modules/New/action.addcategory.php, stored XSS is possible via the m1name parameter to admin/moduleinterface.php during addition of a category, a related issue to CVE-2010-3882...