CVE-2018-17835

An issue was discovered in GetSimple CMS 3.3.15. An administrator can insert stored XSS via the admin/settings.php Custom Permalink Structure parameter, which injects the XSS payload into any page created at the admin/pages.php URI...

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 post-menu field to edit.php or 2 Display name field to settings.php. NOTE: The Custom Permalink Structure and Email Address fields are already...

CVE-2013-7243

Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote attackers to inject arbitrary web script or HTML via the 1 post-menu field to edit.php or 2 Display name field to settings.php. NOTE: The Custom Permalink Structure and Email Address fields are already...

CVE-2012-6621

Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS 3.1, 3.1.2, 3.2.3, and earlier allow remote attackers to inject arbitrary web script or HTML via the 1 Email Address or 2 Custom Permalink Structure fields in admin/settings.php; 3 path parameter to admin/upload.php; 4 err paramet...

GetSimple CMS 3.1.2 / 3.2.3 Cross Site Scripting

Author Information Author : Ahmed Elhady Mohamed Website : http://1nfosec4all.blogspot.com/ twitter : @kingasmk facebook :https://www.facebook.com/groups/ITsec4all/ Software Information Affected Software : GetSimple CMS 3.2.3, 3.1.2 Software website : http://get-simple.info/ CVE Reference :...