Cms Made Simple@1.11.2 Security Vulnerabilities and Issues — Cms Made Simple@1.11.2 CVE List

Lucene search

CmsmadesimpleCms Made Simple1.11.2

3 matches found

CVE•added 2016/05/26 2:59 p.m.•56 views

CVE-2016-2784

CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty Cache is activated, allow remote attackers to conduct cache poisoning attacks, modify links, and conduct cross-site scripting (XSS) attacks via a crafted HTTP Host header in a request.

4.7CVSS4.5AI score0.06088EPSS

CVE•added 2013/10/11 10:55 p.m.•38 views

CVE-2013-4167

Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) before 1.11.7 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.

4.3CVSS5.8AI score0.00285EPSS

CVE•added 2014/03/05 4:37 p.m.•33 views

CVE-2014-2245

SQL injection vulnerability in the News module in CMS Made Simple (CMSMS) before 1.11.10 allows remote authenticated users with the "Modify News" permission to execute arbitrary SQL commands via the sortby parameter to admin/moduleinterface.php. NOTE: some of these details are obtained from third p...

6CVSS8.2AI score0.00316EPSS