Lucene search

K
CmsmadesimpleCms Made Simple2.2.18

11 matches found

CVE
CVE
added 2023/09/25 4:15 p.m.98 views

CVE-2023-43339

Cross-Site Scripting (XSS) vulnerability in cmsmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload injected into the Database Name, DataBase User or Database Port components.

6.1CVSS5.8AI score0.00176EPSS
CVE
CVE
added 2023/09/28 2:15 p.m.92 views

CVE-2023-43872

A File upload vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to upload a pdf file with hidden Cross Site Scripting (XSS).

5.4CVSS5.8AI score0.00597EPSS
CVE
CVE
added 2023/10/20 10:15 p.m.70 views

CVE-2023-43357

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the Manage Shortcuts component.

5.4CVSS6.1AI score0.00255EPSS
CVE
CVE
added 2023/10/20 10:15 p.m.61 views

CVE-2023-43356

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Global Meatadata parameter in the Global Settings Menu component.

5.4CVSS6.1AI score0.00255EPSS
CVE
CVE
added 2023/10/20 10:15 p.m.60 views

CVE-2023-43354

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profiles parameter in the Extensions -MicroTiny WYSIWYG editor component.

5.4CVSS6.1AI score0.00235EPSS
CVE
CVE
added 2023/10/20 10:15 p.m.59 views

CVE-2023-43353

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component.

5.4CVSS6.1AI score0.00235EPSS
CVE
CVE
added 2023/10/20 10:15 p.m.59 views

CVE-2023-43355

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component.

5.4CVSS6.2AI score0.00386EPSS
CVE
CVE
added 2023/10/25 6:17 p.m.56 views

CVE-2023-43360

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Top Directory parameter in the File Picker Menu component.

5.4CVSS6.1AI score0.00386EPSS
CVE
CVE
added 2023/10/26 10:15 p.m.46 views

CVE-2023-43352

An issue in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload to the Content Manager Menu component.

7.8CVSS7.7AI score0.00664EPSS
CVE
CVE
added 2023/10/23 10:15 p.m.39 views

CVE-2023-43358

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component.

5.4CVSS6.1AI score0.00152EPSS
CVE
CVE
added 2023/10/19 10:15 p.m.29 views

CVE-2023-43359

Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Page Specific Metadata and Smarty data parameters in the Content Manager Menu component.

5.4CVSS6.1AI score0.00112EPSS