CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

462 matches found

GetSimple CMS 3.3.13 - Open Redirect

GetSimple CMS 3.3.13 contains an open redirect vulnerability via the admin/index.php redirect parameter. An attacker can redirect a user to a malicious site and possibly obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2019-9915 info: name: GetSimple CMS...

6.1CVSS6.4AI score0.14005EPSS

Exploits0References5

RedhatCVE•added 2026/03/26 2:59 p.m.•1 views

CVE-2026-28495

GetSimple CMS is a content management system. The massiveAdmin plugin v6.0.3 bundled with GetSimpleCMS-CE v3.3.22 allows an authenticated administrator to overwrite the gsconfig.php configuration file with arbitrary PHP code via the gsconfig editor module. The form lacks CSRF protection, enabling...

9.6CVSS6.1AI score0.00112EPSS

Exploits1References1

NVD•added 2026/03/10 8:16 p.m.•0 views

CVE-2026-28495

9.6CVSS0.00112EPSS

Exploits1References1

EUVD•added 2026/03/10 7:25 p.m.•3 views

EUVD-2026-10811

9.6CVSS6.1AI score0.00112EPSS

Exploits1References1

Vulnrichment•added 2026/03/10 7:25 p.m.•3 views

CVE-2026-28495 GetSimple CMS has CSRF to Remote Code Execution via Arbitrary PHP Write in gsconfig.php

9.6CVSS6.1AI score0.00112EPSS

Exploits1References1

CVE•added 2026/03/10 7:25 p.m.•4 views

CVE-2026-28495

CVE-2026-28495 affects GetSimple CMS via the bundled massiveAdmin plugin in GetSimpleCMS-CE v3.3.22. The description states an authenticated administrator can overwrite the gsconfig.php configuration file with arbitrary PHP code through the gsconfig editor module, due to lack of CSRF protection. ...

9.6CVSS6.1AI score0.00112EPSS

Exploits1References1Affected Software1

ATTACKERKB•added 2026/03/10 7:25 p.m.•2 views

CVE-2026-28495

9.6CVSS6.1AI score0.00112EPSS

Exploits1References2Affected Software1

OSV•added 2026/03/10 7:25 p.m.•0 views

CVE-2026-28495 GetSimple CMS has CSRF to Remote Code Execution via Arbitrary PHP Write in gsconfig.php

9.6CVSS6.1AI score0.00112EPSS

Exploits1References3

Cvelist•added 2026/03/10 7:25 p.m.•23 views

CVE-2026-28495 GetSimple CMS has CSRF to Remote Code Execution via Arbitrary PHP Write in gsconfig.php

9.6CVSS0.00112EPSS

Exploits1References1

CNNVD•added 2026/03/10 12:0 a.m.•2 views

GetSimple CMS 跨站请求伪造漏洞

GetSimple CMS is an open-source content management system developed by GetSimple CMS. Version 3.3.22 of GetSimple CMS contains a cross-site request forgeing vulnerability. This vulnerability stems from the lack of CSRF protection, which may allow remote, unverified attackers to execute remote cod...

9.6CVSS6.1AI score0.00112EPSS

Exploits1References1

Positive Technologies•added 2026/03/10 12:0 a.m.•2 views

PT-2026-24402

9.6CVSS6.1AI score0.00112EPSS

Exploits1References2

CNNVD•added 2026/02/24 12:0 a.m.•4 views

GetSimple CMS 跨站脚本漏洞

GetSimple CMS is an open-source content management system developed by GetSimple CMS. Version 3.3.16 of GetSimple CMS has a cross-site scripting vulnerability. This vulnerability stems from improper output encoding of user inputs for the slug field in component functions. It may lead to...

4.8CVSS5.6AI score0.00023EPSS

Exploits0References4

RedhatCVE•added 2026/02/22 1:28 a.m.•2 views

CVE-2026-27202

GetSimple CMS is a content management system. All versions of GetSimple CMS have a flaw in the Uploaded Files feature that allows for arbitrary file reads. This issue has not been fixed at the time of publication...

8.8CVSS5.8AI score0.00028EPSS

Exploits1References1

RedhatCVE•added 2026/02/22 1:28 a.m.•3 views

CVE-2026-27161

GetSimple CMS is a content management system. All versions of GetSimple CMS rely on .htaccess files to restrict access to sensitive directories such as /data/ and /backups/. If Apache AllowOverride is disabled common in hardened or shared hosting environments, these protections are silently...

8.7CVSS5.7AI score0.0004EPSS

Exploits1References1

NVD•added 2026/02/21 12:16 a.m.•4 views

CVE-2026-27202

8.8CVSS0.00028EPSS

Exploits1References1

NVD•added 2026/02/21 12:16 a.m.•2 views

CVE-2026-27161

8.7CVSS0.0004EPSS

Exploits1References1

NVD•added 2026/02/21 12:16 a.m.•7 views

CVE-2026-27146

GetSimple CMS is a content management system. All versions of GetSimple CMS do not implement CSRF protection on the administrative file upload endpoint. As a result, an attacker can craft a malicious web page that silently triggers a file upload request from an authenticated victim’s browser. The...

7.1CVSS0.00008EPSS

Exploits1References1

CNNVD•added 2026/02/21 12:0 a.m.•5 views

GetSimple CMS 跨站脚本漏洞

GetSimple CMS is an open-source content management system developed by GetSimple CMS. GetSimple CMS has a cross-site scripting vulnerability, which stems from improper cleanup or restrictions on SVG file uploads, potentially leading to cross-site scripting attacks...

6.9CVSS5.6AI score0.00016EPSS

Exploits1References1

CNNVD•added 2026/02/21 12:0 a.m.•4 views

GetSimple CMS 安全漏洞

GetSimple CMS is an open-source content management system developed by GetSimple CMS. There is a security vulnerability in GetSimple CMS, which stems from a flaw in the file upload function, potentially allowing arbitrary file reading...

8.8CVSS5.9AI score0.00028EPSS

Exploits1References1

CNNVD•added 2026/02/21 12:0 a.m.•4 views

GetSimple CMS 代码问题漏洞

GetSimple CMS is an open-source content management system developed by GetSimple CMS. There are code issues and vulnerabilities in GetSimple CMS; these vulnerabilities stem from the lack of cross-site request forgery protection in the file upload endpoint, which may lead to arbitrary file uploads...

7.1CVSS5.9AI score0.00008EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by