163 matches found
Design/Logic Flaw
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML elements in a .eml file, because of admin/upload-uploadify.php, and validatesafefile in admin/inc/securityfunctions.php...
CVE-2018-19421
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML elements in a .eml file, because of admin/upload-uploadify.php, and validatesafefile in admin/inc/securityfunctions.php...
CVE-2018-19420
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension e.g., the test or test.asdf filename, because of admin/upload-uploadify.php, and validatesafefile in...
Code injection
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension e.g., the test or test.asdf filename, because of admin/upload-uploadify.php, and validatesafefile in...
CVE-2018-19421
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML elements in a .eml file, because of admin/upload-uploadify.php, and validatesafefile in admin/inc/securityfunctions.php...
CVE-2018-19420
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension e.g., the test or test.asdf filename, because of admin/upload-uploadify.php, and validatesafefile in...
CVE-2018-19421
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML elements in a .eml file, because of admin/upload-uploadify.php, and validatesafefile in admin/inc/securityfunctions.php...
CVE-2018-19420
In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension e.g., the test or test.asdf filename, because of admin/upload-uploadify.php, and validatesafefile in...
CVE-2018-19420
In GetSimpleCMS 3.3.15, an HTML-execution vulnerability exists in the upload handling path. Although admin/upload.php blocks .html uploads, HTML can still be executed via edge cases such as files with no extension or unrecognized extensions (e.g., test or test.asdf) through the interaction with a...
CVE-2018-19421
CVE-2018-19421 affects GetSimpleCMS 3.3.15. The vulnerability arises in the upload handling: admin/upload-uploadify.php and the validation routine in admin/inc/security_functions.php interact with admin/upload.php, which blocks .html uploads but allows Internet Explorer to render HTML elements co...
XSS, Code Execution, DOS, Password Leak, Weak Authentication in GetSimpleCMS 3.3.5
Vulnerability: XSS, Code Execution, DOS, Password Leak, Weak Authentication Affected Software: GetSimpleCMS http://get-simple.info/ Affected Version: 3.3.5 probably also prior versions Patched Version: 3.3.6 partial fix Risk: Medium-High Vendor Contacted: 2015-06-14 Vendor Partial Fix: 2015-07-14...
GetSimpleCMS 3.3.5 Multiple Vulnerabilities
Exploit for php platform in category web applications Vulnerability: XSS, Code Execution, DOS, Password Leak, Weak Authentication Affected Software: GetSimpleCMS http://get-simple.info/ Affected Version: 3.3.5 probably also prior versions Patched Version: 3.3.6 partial fix Risk: Medium-High Vendo...
GetSimpleCMS 3.3.5 XSS / Code Execution / DoS / Weak Auth
Vulnerability: XSS, Code Execution, DOS, Password Leak, Weak Authentication Affected Software: GetSimpleCMS http://get-simple.info/ Affected Version: 3.3.5 probably also prior versions Patched Version: 3.3.6 partial fix Risk: Medium-High Vendor Contacted: 2015-06-14 Vendor Partial Fix: 2015-07-14...
Get Simple CMS 3.3.3 Information Disclosure / XSS
GetSimpleCMS3.3.3 multi Vulnerability ====================================== Author : indoushka Vondor : http://get-simple.info/ Dork: © 2009-2014 GetSimple CMS – Version 3.3.3 ================================================== info : http://127.0.0.1/GetSimpleCMS3/backups/users/admin.xml.bak...
GetSimpleCMS PHP File Upload Vulnerability
This module exploits a file upload vulnerability in GetSimple CMS. By abusing the upload.php file, a malicious authenticated user can upload an arbitrary file, including PHP code, which results in arbitrary code execution. This module requires Metasploit: https://metasploit.com/download Current...
GetSimpleCMS PHP File Upload
This module requires Metasploit: http//metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework require 'msf/core' class Metasploit3 'GetSimpleCMS PHP File Upload Vulnerability', 'Description' = %q This module exploits a file upload vulnerability in GetSimple CMS. By...
GetSimpleCMS 3.2.1 - Arbitrary File Upload Vulnerability
No description provided by source. GetSimpleCMS Version 3.2.1 Arbitrary File Upload Vulnerability =================================================================================== Exploit Title: GetSimpleCMS Version 3.2.1 Arbitrary File Upload Vulnerability Download link:...
GetSimpleCMS 3.2.1 arbitrary file upload-vulnerability warning-the black bar safety net
Title: GetSimpleCMS Version 3.2.1 Arbitrary File Upload Vulnerability Download address: http://code.google.com/p/get-simple-cms/ Affected version: 3.2.1 Tested: ubuntu 13.4 Author: Ahmed Elhady Mohamed Overview: - GetSimpleCMS Version 3.2.1 suffers from arbitrary file upload vulnerability which...
Getsimple CMS 3.2.1 - Arbitrary File Upload
Getsimple CMS 3.2.1 - Arbitrary File Upload GetSimpleCMS Version 3.2.1 Arbitrary File Upload Vulnerability =================================================================================== Exploit Title: GetSimpleCMS Version 3.2.1 Arbitrary File Upload Vulnerability Download link:...
Getsimple CMS 3.2.1 - Arbitrary File Upload
GetSimpleCMS Version 3.2.1 Arbitrary File Upload Vulnerability =================================================================================== Exploit Title: GetSimpleCMS Version 3.2.1 Arbitrary File Upload Vulnerability Download link: http://code.google.com/p/get-simple-cms/ version: 3.2.1...