2 matches found
GetSimple CMS 3.3.4 - Information Disclosure
Exploit Title: GetSimple CMS 3.3.4 - Information Disclosure Date 01.06.2021 Exploit Author: Ron Jost Hacker5preme Vendor Homepage: http://get-simple.info/ Software Link: https://github.com/GetSimpleCMS/GetSimpleCMS/archive/refs/tags/v3.3.4.zip Version: 3.3.4 CVE: CVE-2014-8722 Documentation:...
CVE-2014-8722
GetSimple CMS 3.3.4 is affected by CVE-2014-8722, enabling information disclosure via direct requests to (1) data/users/.xml, (2) backups/users/.xml.bak, (3) data/other/authorization.xml, and (4) data/other/appid.xml. Root cause is exposed sensitive data without proper access control. Public expl...