Lucene search
K

4 matches found

OpenVAS
OpenVAS
added 2025/04/09 12:0 a.m.18 views

CMS Made Simple < 2.2.15 Multiple Vulnerabilities

CMS Made Simple is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:cmsmadesimple:cmsmadesimple...

9.8CVSS7AI score0.00921EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2024/03/12 3:22 p.m.32 views

CVE-2024-1528 Cross-site Scripting in CMS Made Simple

CMS Made Simple version 2.2.14, does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting XSS vulnerability through /admin/moduleinterface.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload to ...

7.4CVSS5.7AI score0.00436EPSS
Exploits0References1
CVE
CVE
added 2024/03/12 3:22 p.m.71 views

CVE-2024-1528

CMS Made Simple 2.2.14 is reported to be vulnerable to Cross-Site Scripting through /admin/moduleinterface.php due to insufficient encoding of user-controlled input in multiple parameters. The issue is exploitable to deliver a crafted JavaScript payload to an authenticated user, with potential se...

7.4CVSS6.6AI score0.00436EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/03/12 3:22 p.m.33 views

CVE-2024-1528 Cross-site Scripting in CMS Made Simple

CMS Made Simple version 2.2.14, does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting XSS vulnerability through /admin/moduleinterface.php, in multiple parameters. This vulnerability could allow a remote attacker to send a specially crafted JavaScript payload to ...

7.4CVSS7.1AI score0.00436EPSS
Exploits0References1
Rows per page
Query Builder