34 matches found
CVE-2024-39248
A cross-site scripting XSS vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php...
EUVD-2007-4934
Malware in sbrugna...
EUVD-2024-37878
Malicious code in bioql PyPI...
SimpCMS Cross-Site Scripting Vulnerability
SimpCMS is an easy-to-use CMS based on PureEdit. A cross-site scripting vulnerability exists in SimpCMS version 0.1, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary web script or HTML via a...
CVE-2024-39248
A cross-site scripting XSS vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php...
CVE-2024-39248
A cross-site scripting XSS vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php...
CVE-2024-39248
A cross-site scripting XSS vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php...
SimpCMS 安全漏洞
SimpCMS is an easy-to-use CMS based on PureEdit. A cross-site scripting vulnerability exists in SimpCMS version 0.1, which stems from the application's lack of effective filtering and escaping of user-supplied data, and can be exploited by an attacker to execute arbitrary web script or HTML via a...
PT-2024-28408 · Simpcms · Simpcms
Name of the Vulnerable Software and Affected Versions: SimpCMS version 0.1 Description: A cross-site scripting XSS vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at the "/admin.php" API endpoint. Recommendations: For...
CVE-2024-39248
SimpCMS v0.1 is affected by an XSS in the Title field at /admin.php. Root cause cited across sources is lack of proper filtering/escaping of user input, enabling arbitrary web script or HTML execution. Impacted functionality is the admin input for the Title, with the potential for full script exe...
CVE-2024-39248
A cross-site scripting XSS vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php...
SimpCMS 0.1 Cross Site Scripting
Exploit Title: SimpCMS v0.1 - Cross Site Scripting XSS Date: 26-06-2024 CVE: CVE-2024-39248 Exploit Author: Jason Jacobs 0xjasonjacobs Vendor Homepage: https://sourceforge.net/projects/simpcms/ Software Link: https://sourceforge.net/projects/simpcms/ Category: Web Application Version: 0.1...
Exploit for Cross-site Scripting in Fikeulous Simpcms
Exploit Title: SimpCMS v0.1 - Cross Site Scripting XSS C...
SimpCMS <= all (keyword) Remote SQL Injection Vulnerability
No description provided by source. SimpCMS = all Remote SQL Injection Vulnerability Found By : ú Cold z3ro , http://www.hackteach.org/ Script : http://www.simpcms.com/ ==================================== Exploit :...
SimpCMS <= 04.10.2007 (site) Remote File Inclusion Vulnerability
No description provided by source. Bug Found By Dr.RoVeR --Arab48 Hacker Contact: [email protected] --- Script: SimpCMS Light Download: http://www.simpcms.com/light/normal/simp-cms-light.zip -- Bug File: index.php Bug code in line 31: include $site..php; -- Exploit:...
Sql injection
SQL injection vulnerability in index.php in SimpCMS allows remote attackers to execute arbitrary SQL commands via the keyword parameter in a search site action...
CVE-2007-4953
SQL injection vulnerability in index.php in SimpCMS allows remote attackers to execute arbitrary SQL commands via the keyword parameter in a search site action...
CVE-2007-4953
SQL injection vulnerability in index.php in SimpCMS allows remote attackers to execute arbitrary SQL commands via the keyword parameter in a search site action...
CVE-2007-4953
SimpCMS CVE-2007-4953 is a SQL injection vulnerability in index.php where a remote attacker can influence the keyword parameter of a search site action to execute arbitrary SQL. The entry details a high-severity issue (CVSSv2 base score 7.5) with network attack vector and no authentication requir...
simpcms-sql.txt
SimpCMS = all Remote SQL Injection Vulnerability Found By : ú Cold z3ro , http://www.hackteach.org/ Script : http://www.simpcms.com/ ==================================== Exploit : /index.php?site=search&keyword=1'//union//select//0,1,2,3,name,5,6//from//categories/ OR /index.php?site=search in...