Lucene search
+L

9 matches found

prion
prion
added 2021/07/26 9:15 p.m.13 views

Cross site scripting

Cross Site Scripting XSS vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News Article" feature...

3.5CVSS4.9AI score0.00473EPSS
Exploits1References1Affected Software1
prion
prion
added 2021/07/02 6:15 p.m.19 views

Cross site scripting

A stored cross scripting XSS vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter under the "Maintenance Mode" module...

3.5CVSS5.3AI score0.00473EPSS
Exploits1References1Affected Software1
prion
prion
added 2021/07/02 6:15 p.m.19 views

Cross site scripting

A stored cross scripting XSS vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Design" parameter under the "Designs" module...

3.5CVSS5.3AI score0.00473EPSS
Exploits1References1Affected Software1
cve
cve
added 2021/07/02 5:51 p.m.61 views

CVE-2020-36409

CMS Made Simple 2.2.14 contains a stored XSS in the Add Category field of the Categories module that requires authentication to exploit. Several sources corroborate this vulnerability and indicate related fixes are available in version 2.2.15 and later. Impact is reflected as executing arbitrary ...

5.4CVSS5.2AI score0.00473EPSS
Exploits1References1Affected Software1
nvd
nvd
added 2021/06/01 3:15 p.m.25 views

CVE-2020-27377

A cross-site scripting XSS vulnerability was discovered in the Administrator panel on the 'Setting News' module on CMS Made Simple 2.2.14 which allows an attacker to execute arbitrary web scripts...

4.8CVSS0.00534EPSS
Exploits1References1
prion
prion
added 2021/06/01 3:15 p.m.16 views

Cross site scripting

A cross-site scripting XSS vulnerability was discovered in the Administrator panel on the 'Setting News' module on CMS Made Simple 2.2.14 which allows an attacker to execute arbitrary web scripts...

3.5CVSS5AI score0.00534EPSS
Exploits1References1Affected Software1
cvelist
cvelist
added 2021/06/01 2:57 p.m.22 views

CVE-2020-27377

A cross-site scripting XSS vulnerability was discovered in the Administrator panel on the 'Setting News' module on CMS Made Simple 2.2.14 which allows an attacker to execute arbitrary web scripts...

5.1AI score0.00534EPSS
Exploits1References1
packetstorm
packetstorm
added 2020/08/13 12:0 a.m.183 views

CMS Made Simple 2.2.14 Shell Upload

Exploit Title: CMS Made Simple 2.2.14 - Arbitrary File Upload Authenticated Google Dork: - Date: 2020-07-29 Exploit Author: Roel van Beurden Vendor Homepage: https://www.cmsmadesimple.org/ Software Link: http://s3.amazonaws.com/cmsms/downloads/14793/cmsms-2.2.14-install.zip Version: 2.2.14 Tested...

7.4AI score
Exploits0
openvas
openvas
added 2020/06/03 12:0 a.m.28 views

CMS Made Simple <= 2.2.14 Multiple XSS Vulnerabilities

CMS Made Simple is prone to multiple cross-site scripting XSS vulnerabilities. SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

5.4CVSS5AI score0.00685EPSS
Exploits3References2
Rows per page
Query Builder