CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

6 matches found

RedhatCVE•added 2026/03/26 2:59 p.m.•4 views

CVE-2026-28495

GetSimple CMS is a content management system. The massiveAdmin plugin v6.0.3 bundled with GetSimpleCMS-CE v3.3.22 allows an authenticated administrator to overwrite the gsconfig.php configuration file with arbitrary PHP code via the gsconfig editor module. The form lacks CSRF protection, enabling...

9.6CVSS6.1AI score0.00295EPSS

Exploits1References1

EUVD•added 2026/03/10 7:25 p.m.•6 views

EUVD-2026-10811

9.6CVSS6.1AI score0.00295EPSS

Exploits1References1

ATTACKERKB•added 2026/03/10 7:25 p.m.•3 views

CVE-2026-28495

9.6CVSS6.1AI score0.00295EPSS

Exploits1References2Affected Software1

Vulnrichment•added 2026/03/10 7:25 p.m.•5 views

CVE-2026-28495 GetSimple CMS has CSRF to Remote Code Execution via Arbitrary PHP Write in gsconfig.php

9.6CVSS6.1AI score0.00295EPSS

Exploits1References1

CVE•added 2026/03/10 7:25 p.m.•11 views

CVE-2026-28495

CVE-2026-28495 affects GetSimple CMS via the bundled massiveAdmin plugin in GetSimpleCMS-CE v3.3.22. The description states an authenticated administrator can overwrite the gsconfig.php configuration file with arbitrary PHP code through the gsconfig editor module, due to lack of CSRF protection. ...

9.6CVSS6.1AI score0.00295EPSS

Exploits1References1Affected Software1

OSV•added 2026/03/10 7:25 p.m.•4 views

CVE-2026-28495 GetSimple CMS has CSRF to Remote Code Execution via Arbitrary PHP Write in gsconfig.php

9.6CVSS6.1AI score0.00295EPSS

Exploits1References3

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by