Lucene search
K

248 matches found

BDU FSTEC
BDU FSTEC
added 2025/02/06 12:0 a.m.8 views

The vulnerability of the log.php script in the CMSimple content management system allows a hacker to gain unauthorized access to protected information and execute arbitrary code.

The vulnerability of the CMSimple content management system is related to incorrect restrictions on the path to the restricted catalog. Exploiting this vulnerability could allow an attacker to gain unauthorized access to protected information by sending a specially crafted GET request...

9.4CVSS5.5AI score0.00451EPSS
Exploits1References3Affected Software1
OSV
OSV
added 2025/01/27 11:15 p.m.5 views

CVE-2024-57549

CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in the file parameter of a GET request...

7.5CVSS5.8AI score0.00632EPSS
Exploits1References2
OSV
OSV
added 2025/01/27 11:15 p.m.5 views

CVE-2024-57547

Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the Functionality of downloading php backup files...

7.5CVSS5.8AI score0.00544EPSS
Exploits1References2
NVD
NVD
added 2025/01/27 11:15 p.m.19 views

CVE-2024-57547

Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the Functionality of downloading php backup files...

7.5CVSS0.00544EPSS
Exploits1References2
NVD
NVD
added 2025/01/27 11:15 p.m.16 views

CVE-2024-57549

CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in the file parameter of a GET request...

7.5CVSS0.00632EPSS
Exploits1References2
NVD
NVD
added 2025/01/27 11:15 p.m.23 views

CVE-2024-57548

CMSimple 5.16 allows the user to edit log.php file via print page...

9.1CVSS0.00451EPSS
Exploits1References2
OSV
OSV
added 2025/01/27 11:15 p.m.5 views

CVE-2024-57548

CMSimple 5.16 allows the user to edit log.php file via print page...

9.1CVSS5.8AI score0.00451EPSS
Exploits1References2
NVD
NVD
added 2025/01/27 11:15 p.m.29 views

CVE-2024-57546

An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function...

7.5CVSS0.00559EPSS
Exploits1References2
OSV
OSV
added 2025/01/27 11:15 p.m.4 views

CVE-2024-57546

An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function...

7.5CVSS5.8AI score0.00559EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/01/27 12:0 a.m.11 views

CVE-2024-57546

An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function...

0.00559EPSS
Exploits1References2
CNNVD
CNNVD
added 2025/01/27 12:0 a.m.5 views

CMSimple 安全漏洞

CMSimple is a free content management system from CMSimple open source. A security vulnerability exists in CMSimple version 5.16, which stems from a vulnerability that allows remote attackers to download php backup files via a carefully crafted script that obtains sensitive information...

7.5CVSS6.7AI score0.00544EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/01/27 12:0 a.m.25 views

CVE-2024-57547

Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the Functionality of downloading php backup files...

0.00544EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/01/27 12:0 a.m.28 views

CVE-2024-57549

CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in the file parameter of a GET request...

0.00632EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/01/27 12:0 a.m.7 views

CVE-2024-57547

Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the Functionality of downloading php backup files...

7.2AI score0.00544EPSS
Exploits1References2
Vulnrichment
Vulnrichment
added 2025/01/27 12:0 a.m.10 views

CVE-2024-57548

CMSimple 5.16 allows the user to edit log.php file via print page...

9.2AI score0.00451EPSS
Exploits1References2
CVE
CVE
added 2025/01/27 12:0 a.m.59 views

CVE-2024-57548

CMSimple 5.16 is affected by a vulnerability that allows editing the log.php file via the print page, due to incorrect directory path access restrictions. The issue supports remote exploitation through specially crafted GET requests, enabling an attacker to edit log.php and potentially access pro...

9.1CVSS6.9AI score0.00451EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/01/27 12:0 a.m.77 views

CVE-2024-57549

CMSimple 5.16 is affected by an information-disclosure vulnerability where an attacker can read the CMS source code by manipulating the file parameter in a GET request. The root cause is insufficient restriction of the path in the file parameter, enabling access to restricted files. Impact stated...

7.5CVSS7AI score0.00632EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2025/01/27 12:0 a.m.60 views

CVE-2024-57546

CMSimple v5.16 is affected by a vulnerability in the validate link function that can allow a remote attacker to obtain sensitive information and may enable SSRF. The issue stems from insufficient protection of internal data in the link validation path. Recommended temporary mitigation: disable th...

7.5CVSS6.4AI score0.00559EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2025/01/27 12:0 a.m.5 views

CMSimple 安全漏洞

CMSimple is a free content management system from CMSimple open source. A security vulnerability exists in CMSimple version 5.16 that originates from allowing a user to edit the log.php file via the print page...

9.1CVSS6.7AI score0.00451EPSS
Exploits1References2
Cvelist
Cvelist
added 2025/01/27 12:0 a.m.13 views

CVE-2024-57548

CMSimple 5.16 allows the user to edit log.php file via print page...

0.00451EPSS
Exploits1References2
Rows per page
Query Builder