2 matches found
CVE-2014-0334
CMS Made Simple (1.11.x) has multiple XSS vulnerabilities (CVE-2014-0334) exploitable via many admin parameters (admin/addgroup.php, admin/addhtmlblob.php, admin/addbookmark.php, admin/copystylesheet.php, admin/copytemplate.php, admin/editbookmark.php, admin/listtemplates.php, admin/listcss.php, ...
CMS Made Simple contains multiple cross-site scripting vulnerabilities
Overview CMS Made Simple contains multiple cross-site scripting vulnerabilities Description CWE-79: Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' - CVE-2014-0334The files: cmsmadesimple/admin/addgroup.php on line 107 contains a post-authentication reflected XS...