EUVD-2026-21980

A vulnerability was identified in code-projects Simple Content Management System 1.0. Affected by this vulnerability is an unknown functionality of the file /web/admin/login.php. Such manipulation of the argument User leads to sql injection. The attack may be launched remotely. The exploit is...

Remote file inclusion

Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the 1 meta or 2 phpincdir parameter, a different issue than CVE-2010-3307...

CVE-2010-3742

CVE-2010-3742 describes multiple PHP remote file inclusion vulnerabilities in Free Simple CMS 1.0, specifically in themes/default/index.php. The underlying issue allows an attacker to cause arbitrary PHP code execution by supplying a URL in the (1) meta or (2) phpincdir parameter, as reported (di...

CVE-2010-3307

CVE-2010-3307 involves multiple PHP remote file inclusion vulnerabilities in the Free Simple CMS 1.0 (and earlier). The issue arises in the themes/default/index.php file, where a URL provided in the following parameters can be used to include remote code: body, footer, header, menu_left, and menu...