CMS Made Simple < 2.2.10 Multiple Vulnerabilities

CMS Made Simple is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CMS Made Simple SQL Injection Vulnerability (CNVD-2019-06918)

CMS Made Simple CMSMS is an open source content management system CMS from the CMSMS team. The system supports role-based rights management system , wizard-based installation and update mechanism , intelligent caching mechanism and so on. A SQL injection vulnerability exists in the...

Sql injection

In CMS Made Simple CMSMS before 2.2.10, an authenticated user can achieve SQL Injection in class.showtime2data.php via the functions updateshow parameter showid, inputshow parameter showid, Getshowinfo parameter showid, Getpictureinfo parameter pictureid, AdjustNameSeq parameter shownumber,...

CVE-2019-9693

In CMS Made Simple CMSMS before 2.2.10, an authenticated user can achieve SQL Injection in class.showtime2data.php via the functions updateshow parameter showid, inputshow parameter showid, Getshowinfo parameter showid, Getpictureinfo parameter pictureid, AdjustNameSeq parameter shownumber,...