36 matches found
EUVD-2024-20247
Malicious code in bioql (PyPI)...
CVE-2015-5355
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via the (1) post-content or (2) post-title parameter to admin/edit.php...
CVE-2024-3419
CVE-2024-3419 affects SourceCodester Online Courseware 1.0; SQL injection via the id parameter in admin/edit.php is the root cause. The vulnerability is exploitable remotely and exploits have been publicly disclosed. No patch/version fix details are provided in the connected documents. Mitigation...
PT-2024-25729 · Unknown · Sourcecodester Online Courseware
Name of the Vulnerable Software and Affected Versions: SourceCodester Online Courseware version 1.0 Description: A critical issue has been found in the software, affecting an unknown functionality of the file admin/edit.php. The manipulation of the id argument leads to SQL injection. The attack c...
CVE-2024-22715
Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery (CSRF) via the component /admin-edit.php...
CVE-2024-22715
Summary (from provided records): Stupid Simple CMS
CVE-2023-51246
A Cross Site Scripting (XSS) vulnerability in GetSimple CMS 3.3.16 exists when using Source Code Mode as a backend user to add articles via the /admin/edit.php page...
CVE-2023-51246
CVE-2023-51246 concerns GetSimple CMS 3.3.16 where an XSS exists when a backend user adds articles via /admin/edit.php with Source Code Mode active. The root cause is inadequate filtering/escaping of user-supplied data during article creation, leading to arbitrary script execution. Affected produ...
PT-2023-28960 · Unknown · Online Book Store Project
Name of the Vulnerable Software and Affected Versions: Online Book Store Project version 1.0 Description: The issue allows an authenticated attacker to obtain Remote Code Execution on the server hosting the application via an Insecure File Upload vulnerability on the image parameter of the "admin...
CVE-2020-20389
Cross Site Scripting (XSS) vulnerability in GetSimpleCMS 3.4.0a in admin/edit.php...
CVE-2016-10962
The icegram plugin before 1.9.19 for WordPress has CSRF via the wp-admin/edit.php optionname parameter...
Cross site scripting
There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325...
CVE-2018-19845
There is Stored XSS in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter, a related issue to CVE-2018-16325...
CVE-2018-19845
CVE-2018-19845 is a stored XSS in GetSimple CMS. Multiple connected documents confirm the vulnerability in GetSimple CMS 3.3.12 via the admin/edit.php "post-menu" parameter (and related CVE-2018-16325). CNVD/OSV/CNVD entries also reference GetSimple CMS 3.4.0.9 and the admin/edit.php title field...
Cross site scripting
There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field...
CVE-2018-16325
There is XSS in GetSimple CMS 3.4.0.9 via the admin/edit.php title field...