3 matches found
GetSimple CMS 3.3.1 - Cross-Site Scripting
PoC for XSS bugs in the admin console of GetSimple CMS 3.3.1 CVE-2014-1603 by Pedro Ribeiro [email protected] from Agile Information Security Disclosure: 12/05/2014 / Last updated: 12/10/2014 Timeline: 04/11/2013 - Found bugs, produced proof of concept. 05/11/2013 - Communicated to the developer,...
CVE-2014-1603
CVE-2014-1603 concerns multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.3.1 . According to the sources, an attacker can inject arbitrary web script or HTML via the (1) param parameter to admin/load.php, or (2) user , (3) email , or (4) name parameters in a Save Settings acti...
GetSimple CMS 3.3.1 Cross Site Scripting
PoC for XSS bugs in the admin console of GetSimple CMS 3.3.1 CVE-2014-1603 by Pedro Ribeiro [email protected] from Agile Information Security Timeline: 04/11/2013 - Found bugs, produced proof of concept. 05/11/2013 - Communicated to the developer, which acknowledged receipt. 10/01/2014 - Politely...