Cms Made Simple@1.10 Security Vulnerabilities and Issues — Cms Made Simple@1.10 CVE List

Lucene search

CmsmadesimpleCms Made Simple1.10

3 matches found

CVE•added 2016/05/26 2:59 p.m.•56 views

CVE-2016-2784

CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty Cache is activated, allow remote attackers to conduct cache poisoning attacks, modify links, and conduct cross-site scripting (XSS) attacks via a crafted HTTP Host header in a request.

4.7CVSS4.5AI score0.06088EPSS

CVE•added 2014/03/05 4:37 p.m.•33 views

CVE-2014-2245

SQL injection vulnerability in the News module in CMS Made Simple (CMSMS) before 1.11.10 allows remote authenticated users with the "Modify News" permission to execute arbitrary SQL commands via the sortby parameter to admin/moduleinterface.php. NOTE: some of these details are obtained from third p...

6CVSS8.2AI score0.00316EPSS

CVE•added 2012/04/11 10:39 a.m.•28 views

CVE-2012-1992

Cross-site scripting (XSS) vulnerability in admin/edituser.php in CMS Made Simple 1.10.3 and earlier allows remote attackers to inject arbitrary web script or HTML via the email parameter (aka the Email Address field in the Edit User template).

4.3CVSS5.9AI score0.00225EPSS