Cms Made Simple@0.3.1 Security Vulnerabilities and Issues — Cms Made Simple@0.3.1 CVE List

Lucene search

CmsmadesimpleCms Made Simple0.3.1

5 matches found

CVE•added 2011/06/08 10:36 a.m.•39 views

CVE-2010-4663

Unspecified vulnerability in the News module in CMS Made Simple (CMSMS) before 1.9.1 has unknown impact and attack vectors.

10CVSS6.7AI score0.00414EPSS

CVE•added 2012/12/03 9:55 p.m.•38 views

CVE-2012-5450

Cross-site request forgery (CSRF) vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) 1.11.2 and earlier allows remote attackers to hijack the authentication of administrators for requests that delete arbitrary files via the deld parameter.

6.8CVSS7.2AI score0.00275EPSS

CVE•added 2012/12/03 9:55 p.m.•33 views

CVE-2012-6064

Directory traversal vulnerability in lib/filemanager/imagemanager/images.php in CMS Made Simple (CMSMS) before 1.11.2.1 allows remote authenticated administrators to delete arbitrary files via a .. (dot dot) in the deld parameter. NOTE: this can be leveraged using CSRF (CVE-2012-5450) to allow remo...

3.5CVSS6.4AI score0.00903EPSS

CVE•added 2014/03/05 4:37 p.m.•33 views

CVE-2014-2245

SQL injection vulnerability in the News module in CMS Made Simple (CMSMS) before 1.11.10 allows remote authenticated users with the "Modify News" permission to execute arbitrary SQL commands via the sortby parameter to admin/moduleinterface.php. NOTE: some of these details are obtained from third p...

6CVSS8.2AI score0.00316EPSS

CVE•added 2012/04/11 10:39 a.m.•28 views

CVE-2012-1992

Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter (aka the Email Address field in the Edit User template).

4.3CVSS5.9AI score0.00225EPSS