Lucene search
K

12 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2020-9414

Malware in sbrugna...

7.8CVSS7.6AI score0.00973EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2018-11286

Malware in sbrugna...

4.8CVSS5.1AI score0.0067EPSS
Exploits1References2
Prion
Prion
added 2020/08/14 3:15 p.m.14 views

Design/Logic Flaw

CMS Made Simple 2.2.14 allows Authenticated Arbitrary File Upload because the File Manager does not block .ptar files, a related issue to CVE-2017-16798...

6.5CVSS5.4AI score0.00973EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2020/08/14 2:10 p.m.41 views

CVE-2020-17462

CMS Made Simple 2.2.14 is affected by an authenticated arbitrary file upload vulnerability in the File Manager due to not blocking .ptar files, a related issue to CVE-2017-16798. Multiple sources (NVD/CVE records, OpenVAS listing) note the issue affects 2.2.14 and, per OpenVAS, also 2.2.15 and ea...

7.8CVSS5.4AI score0.00973EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2020/08/14 2:10 p.m.21 views

CVE-2020-17462

CMS Made Simple 2.2.14 allows Authenticated Arbitrary File Upload because the File Manager does not block .ptar files, a related issue to CVE-2017-16798...

5.5AI score0.00973EPSS
Exploits1References1
Prion
Prion
added 2018/12/19 7:29 p.m.19 views

Design/Logic Flaw

CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a related issue to CVE-2017-16798...

3.5CVSS5.1AI score0.00857EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2018/12/19 7:29 p.m.6 views

CVE-2018-19597

CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a related issue to CVE-2017-16798...

4.8CVSS5.8AI score0.0067EPSS
Exploits1References1
NVD
NVD
added 2018/12/19 7:29 p.m.21 views

CVE-2018-19597

CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a related issue to CVE-2017-16798...

4.8CVSS5.3AI score0.0067EPSS
Exploits1References1
Cvelist
Cvelist
added 2018/12/19 7:0 p.m.20 views

CVE-2018-19597

CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a related issue to CVE-2017-16798...

5.3AI score0.0067EPSS
Exploits1References1
OpenVAS
OpenVAS
added 2017/11/13 12:0 a.m.33 views

CMS Made Simple 2.2.3.1 Multiple Vulnerabilities

CMS Made Simple is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cmsmadesimple:cmsmadesimple...

5.4CVSS5.6AI score0.00857EPSS
Exploits0References2
NVD
NVD
added 2017/11/12 6:29 p.m.15 views

CVE-2017-16798

In CMS Made Simple 2.2.3.1, the isfileacceptable function in modules/FileManager/action.upload.php only blocks file extensions that begin or end with a "php" substring, which allows remote attackers to bypass intended access restrictions or trigger XSS via other extensions, as demonstrated by...

5.4CVSS5.3AI score0.00857EPSS
Exploits0References1
CVE
CVE
added 2017/11/12 6:0 p.m.54 views

CVE-2017-16798

CMS Made Simple 2.2.3.1 is vulnerable in is_file_acceptable() in modules/FileManager/action.upload.php, which only blocks file extensions containing the substring “php” and fails for other extensions (e.g., .phtml, .pht, .html, .svg). This can bypass access restrictions and enable XSS via uploade...

5.4CVSS5.2AI score0.00857EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder