163 matches found
CVE-2026-26351
GetSimpleCMS Community Edition CE versions prior to 3.3.22 3.3.16 tested contains a stored cross-site scripting XSS vulnerability in the Theme to Components functionality within components.php. User-supplied input provided to the "slug" field of a component is stored without proper output encodin...
EUVD-2026-8572
GetSimpleCMS Community Edition CE version 3.3.16 contains a stored cross-site scripting XSS vulnerability in the Theme to Components functionality within components.php. User-supplied input provided to the "slug" field of a component is stored without proper output encoding. While other fields ar...
CVE-2026-26351
GetSimpleCMS Community Edition CE version 3.3.16 contains a stored cross-site scripting XSS vulnerability in the Theme to Components functionality within components.php. User-supplied input provided to the "slug" field of a component is stored without proper output encoding. While other fields ar...
CVE-2026-26351
GetSimpleCMS Community Edition CE versions prior to 3.3.22 3.3.16 tested contains a stored cross-site scripting XSS vulnerability in the Theme to Components functionality within components.php. User-supplied input provided to the "slug" field of a component is stored without proper output encodin...
CVE-2026-26351
CVE-2026-26351 affects GetSimpleCMS Community Edition 3.3.16. A stored XSS flaw exists in the Theme to Components workflow (components.php): user input in the component "slug" field is written to XML and later rendered in the admin interface without proper sanitization, enabling persistent script...
CVE-2026-26351 GetSimpleCMS-CE < 3.3.22 Stored XSS via components.php
GetSimpleCMS Community Edition CE versions prior to 3.3.22 3.3.16 tested contains a stored cross-site scripting XSS vulnerability in the Theme to Components functionality within components.php. User-supplied input provided to the "slug" field of a component is stored without proper output encodin...
CVE-2026-26351
GetSimpleCMS Community Edition CE versions prior to 3.3.22 3.3.16 tested contains a stored cross-site scripting XSS vulnerability in the Theme to Components functionality within components.php. User-supplied input provided to the "slug" field of a component is stored without proper output encodin...
PT-2026-21807
Name of the Vulnerable Software and Affected Versions GetSimpleCMS Community Edition version 3.3.16 Description GetSimpleCMS Community Edition version 3.3.16 has a stored cross-site scripting issue in the Theme to Components functionality within the components.php file. Input to the “slug” field ...
CVE-2018-19421
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML elements in a .eml file, because of admin/upload-uploadify.php, and validatesafefile in admin/inc/securityfunctions.php...
CVE-2021-28976
Remote Code Execution vulnerability in GetSimpleCMS before 3.3.16 in admin/upload.php via phar filess...
CVE-2021-28977
Cross Site Scripting vulnerability in GetSimpleCMS 3.3.16 in admin/upload.php by adding comments or jpg and other file header information to the content of xla, pages, and gzip files,...
EUVD-2021-15623
Malware in sbrugna...
EUVD-2020-10581
Malware in sbrugna...
EUVD-2020-10118
Malware in sbrugna...
EUVD-2021-23198
Malware in sbrugna...
EUVD-2020-10584
Malware in sbrugna...
EUVD-2013-7249
Malware in sbrugna...
EUVD-2018-11112
Malware in sbrugna...
EUVD-2018-11113
Malware in sbrugna...
EUVD-2020-13178
Malware in sbrugna...