11 matches found
CVE-2026-26351 GetSimpleCMS-CE < 3.3.22 Stored XSS via components.php
GetSimpleCMS Community Edition CE versions prior to 3.3.22 3.3.16 tested contains a stored cross-site scripting XSS vulnerability in the Theme to Components functionality within components.php. User-supplied input provided to the "slug" field of a component is stored without proper output encodin...
CVE-2021-47870
CVE-2021-47870 affects GetSimple CMS with the plugin “My SMTP Contact Plugin” v1.1.2. The stored XSS arises because input is sanitized with htmlspecialchars() but can be bypassed by escaped hex bytes, enabling arbitrary client-side code execution in an administrator’s browser when visiting a craf...
PT-2024-18637 · WordPress · Buddypress Woocommerce My Account Integration
Name of the Vulnerable Software and Affected Versions: BuddyPress WooCommerce My Account Integration. Create WooCommerce Member Pages plugin for WordPress versions up to, and including, 3.4.20 Description: The issue concerns PHP Object Injection via deserialization of untrusted input in the get...
CVE-2023-46040
Cross Site Scripting vulnerability in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via the a crafted payload to the components.php function...
CVE-2023-46042
An issue in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via a crafted payload to the phpinfo...
Exploit for Code Injection in Get-Simple Getsimple_Cms
CVE-2022-41544 Exploit scr...
SUSE CVE-2018-12911
WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the getsimpleglobs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c...
DEBIAN-CVE-2018-12911
WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the getsimpleglobs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c...
UBUNTU-CVE-2018-12911
WebKitGTK+ 2.20.3 has an off-by-one error, with a resultant out-of-bounds write, in the getsimpleglobs functions in ThirdParty/xdgmime/src/xdgmimecache.c and ThirdParty/xdgmime/src/xdgmimeglob.c...
Get Simple CMS 3.3.3 CSRF / XSS / Clickjacking Vulnerabilities
Get Simple CMS version 3.3.3 suffers from cross site request forgery, clickjacking, and various cross site scripting vulnerabilities. Affected Vendor: http://get-simple.info/ Date: 23/09/2014 Discovered by: JoeV Type of vulnerability: CSRF, Click-jacking, DOM based XSS and XSS Tested on: Windows ...
Get Simple CMS 3.3.3 CSRF / XSS / Clickjacking
Affected Vendor: http://get-simple.info/ Date: 23/09/2014 Discovered by: JoeV Type of vulnerability: CSRF, Click-jacking, DOM based XSS and XSS Tested on: Windows 7 Version : 3.3.3 Description: Get Simple CMS v 3.3.3 is susceptible to multiple vulnerabilities such as CSRF, Click-jacking, DOM base...