Cms Made Simple@2.2.10 Security Vulnerabilities and Issues — Cms Made Simple@2.2.10 CVE List

Lucene search

CmsmadesimpleCms Made Simple2.2.10

5 matches found

CVE•added 2019/06/05 6:29 p.m.•51 views

CVE-2019-11226

CMS Made Simple 2.2.10 has XSS via the m1_name parameter in "Add Article" under Content -> Content Manager -> News.

5.4CVSS5.2AI score0.00289EPSS

CVE•added 2019/03/26 10:29 p.m.•46 views

CVE-2019-10106

CMS Made Simple 2.2.10 has XSS via the 'moduleinterface.php' Name field, which is reachable via an "Add Category" action to the "Site Admin Settings - News module" section.

5.4CVSS5.2AI score0.00254EPSS

CVE•added 2019/03/24 10:29 p.m.•40 views

CVE-2019-10017

CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, which is reachable via an "Add a new Profile" action to the File Picker.

5.4CVSS5.2AI score0.00254EPSS

CVE•added 2019/03/26 10:29 p.m.•37 views

CVE-2019-10107

CMS Made Simple 2.2.10 has XSS via the myaccount.php "Email Address" field, which is reachable via the "My Preferences -> My Account" section.

5.4CVSS5.2AI score0.00254EPSS

CVE•added 2019/03/26 10:29 p.m.•33 views

CVE-2019-10105

CMS Made Simple 2.2.10 has a Self-XSS vulnerability via the Layout Design Manager "Name" field, which is reachable via a "Create a new Template" action to the Design Manager.

5.4CVSS5.4AI score0.00254EPSS