PT-2023-32557 · Unknown · Getsimple Cms

Name of the Vulnerable Software and Affected Versions: GetSimpleCMS versions 3.3.16 through 3.4.0a Description: A critical issue affects the processing of the file /admin/theme-edit.php, leading to code injection. The attack can be initiated remotely. Recommendations: For versions 3.3.16 through...

CVE-2022-4598

A vulnerability has been found in Shoplazza LifeStyle 1.1 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/api/theme-edit/ of the component Announcement Handler. The manipulation of the argument Text/Mobile Text leads to cross site...

GetSimple CMS 安全漏洞

GetSimple CMS is a content management system CMS written in PHP. A security vulnerability exists in GetSimple CMS version v3.3.16, which was discovered to contain a remote code execution RCE vulnerability via the editedfile parameter in admin/theme-edit.php...

CVE-2019-16333

GetSimple CMS v3.3.15 has Persistent Cross-Site Scripting XSS in admin/theme-edit.php...

CVE-2019-9652

There is a CSRF in SDCMS V1.7 via an m=admin&c=theme&a=edit request. It allows PHP code injection by providing a filename in the file parameter, and providing file content in the t2 parameter...