4 matches found
CVE-2013-1420
Multiple cross-site scripting XSS vulnerabilities in GetSimple CMS before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the 1 id parameter to backup-edit.php; 2 title or 3 menu parameter to edit.php; or 4 path or 5 returnid parameter to filebrowser.php in admin/. NOTE: t...
CVE-2013-1420
GetSimple CMS before 3.2.1 has multiple XSS weaknesses allowing remote injection of script/HTML via: (1) id in backup-edit.php; (2) title or (3) menu in edit.php; or (4) path or (5) returnid in filebrowser.php under admin/. Note: path in admin/upload.php is covered by CVE-2012-6621. No public det...
GetSimple CMS 3.1.2 Cross Site Scripting Vulnerability
GetSimple CMS version 3.1.2 suffers from multiple cross site scripting vulnerabilities. Product: GetSimple CMS Vendor: get-simple.info Vulnerable Versions: 3.1.2 and probably prior Tested Version: 3.1.2 Vendor Notification: January 23, 2013 Vendor Patch: April 26, 2013 Public Disclosure: May 1,...
GetSimple CMS 3.1.2 Cross Site Scripting
Advisory ID: HTB23141 Product: GetSimple CMS Vendor: get-simple.info Vulnerable Versions: 3.1.2 and probably prior Tested Version: 3.1.2 Vendor Notification: January 23, 2013 Vendor Patch: April 26, 2013 Public Disclosure: May 1, 2013 Vulnerability Type: Cross-Site Scripting CWE-79 CVE Reference:...