Lucene search
K

8 matches found

Vulnrichment
Vulnrichment
added 2024/05/01 12:0 a.m.12 views

CVE-2024-33423

Cross-Site Scripting XSS vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Logout parameter under the Language section...

5.8AI score0.00558EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2024/05/01 12:0 a.m.11 views

CVE-2024-33424

A cross-site scripting XSS vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Downloads parameter under the Language section...

5.8AI score0.00404EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/05/01 12:0 a.m.14 views

CVE-2024-33424

A cross-site scripting XSS vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Downloads parameter under the Language section...

5.7AI score0.00404EPSS
Exploits1References1
CVE
CVE
added 2024/05/01 12:0 a.m.79 views

CVE-2024-33423

CMSimple v5.15 is affected by a Cross-Site Scripting (XSS) vulnerability in the Settings menu, specifically via the Logout parameter under Language. The root cause is insufficient input filtering, allowing an attacker to inject arbitrary web scripts/HTML. Consequences could include script executi...

7.4CVSS5.8AI score0.00558EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/17 12:0 a.m.14 views

CVE-2024-32345

A cross-site scripting XSS vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Configuration parameter under the Language section...

5.8AI score0.00456EPSS
Exploits1References1
CVE
CVE
added 2024/04/17 12:0 a.m.53 views

CVE-2024-32344

CMSimple v5.15 is affected by an XSS in the Settings menu, via crafted input in the Language section Edit parameter. The vulnerability arises from insufficient filtering/escaping of user-supplied data in that parameter, enabling arbitrary script/HTML execution. In-the-wild details are not provide...

6.8CVSS5.8AI score0.00528EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2024/04/17 12:0 a.m.59 views

CVE-2024-32345

CMSimple v5.15 is affected by a cross-site scripting (XSS) vulnerability in the Settings menu, specifically via the Configuration parameter under Language. The underlying issue is insufficient filtering/escaping of user-supplied data in that parameter, enabling attackers to inject arbitrary web s...

7.2CVSS5.8AI score0.00456EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2024/04/17 12:0 a.m.12 views

CVE-2024-32344

A cross-site scripting XSS vulnerability in the Settings menu of CMSimple v5.15 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Edit parameter under the Language section...

5.8AI score0.00528EPSS
Exploits1References1
Rows per page
Query Builder