197 matches found
CVE-2024-22714
Stupid Simple CMS =1.2.4 is vulnerable to Cross Site Scripting XSS in the editing section of the article content...
CVE-2024-22714
Stupid Simple CMS
CVE-2024-22715
Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...
CVE-2024-22715
Stupid Simple CMS =1.2.4 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin-edit.php...
CVE-2024-22715
Summary (from provided records): Stupid Simple CMS
CVE-2023-7041
A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. The manipulation of the argument newName leads to path traversal: '../filedir'. The attack may be...
CVE-2023-7040
A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown functionality of the file /file-manager/rename.php. The manipulation of the argument oldName leads to path traversal: '../filedir'. The attack can be launche...
Path traversal
A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. The manipulation of the argument newName leads to path traversal: '../filedir'. The attack may be...
Path traversal
A vulnerability classified as problematic was found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this vulnerability is an unknown functionality of the file /file-manager/rename.php. The manipulation of the argument oldName leads to path traversal: '../filedir'. The attack can be launche...
CVE-2023-7041 codelyfe Stupid Simple CMS rename.php path traversal
A vulnerability, which was classified as critical, has been found in codelyfe Stupid Simple CMS up to 1.2.4. Affected by this issue is some unknown functionality of the file /file-manager/rename.php. The manipulation of the argument newName leads to path traversal: '../filedir'. The attack may be...
CVE-2023-7041
CVE-2023-7041 details a path traversal vulnerability in codelyfe Stupid Simple CMS
CVE-2023-7040
CVE-2023-7040 affects codelyfe Stupid Simple CMS up to v1.2.4. The vulnerability is in /file-manager/rename.php where manipulation of the oldName argument enables path traversal to ../filedir. It can be exploited remotely and has public disclosure. The vulnerability is tracked as VDB-248689. Miti...
Stupid Simple CMS Security Vulnerability
Stupid Simple CMS is a content management system by codelyfe individual developer. A security vulnerability exists in Stupid Simple CMS 1.2.4 and earlier versions, which stems from a path traversal vulnerability in the file /file-manager/rename.php...
Stupid Simple CMS Security Vulnerability
Stupid Simple CMS is a content management system by codelyfe individual developer. A security vulnerability exists in Stupid Simple CMS 1.2.4 and earlier versions, which stems from a path traversal vulnerability in the file /file-manager/rename.php...
CVE-2023-6907
A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /file-manager/delete.php of the component Deletion Interface. The manipulation of the argument file leads to improper...
CVE-2023-6907
A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /file-manager/delete.php of the component Deletion Interface. The manipulation of the argument file leads to improper...
Authentication flaw
A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /file-manager/delete.php of the component Deletion Interface. The manipulation of the argument file leads to improper...
CVE-2023-6907
The CVE-2023-6907 entry concerns codelyfe Stupid Simple CMS (versions up to 1.2.4). The vulnerability affects the Deletion Interface’s file-manager delete.php, where manipulation of the file parameter leads to improper authentication. Public exploit details exist, indicating potential exploitatio...
Stupid Simple CMS Authorization Issues Vulnerability
Stupid Simple CMS is a content management system for codelyfe individual developers. Stupid Simple CMS 1.2.4 and earlier versions have an authorization issue vulnerability that stems from the parameter file in the file /file-manager/delete.php that causes incorrect authentication...
CVE-2023-6902
A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. This vulnerability affects unknown code of the file /file-manager/upload.php. The manipulation of the argument file leads to unrestricted upload. The exploit has been disclosed to the public and m...