Cms Made Simple Security Vulnerabilities and Issues — Cms Made Simple CVE List

Lucene search

CmsmadesimpleCms Made Simple

5 matches found

CVE•added 2018/01/02 5:29 p.m.•50 views

CVE-2017-1000454

CMS Made Simple 2.1.6, 2.2, 2.2.1 are vulnerable to Smarty Template Injection in some core components, resulting in local file read before 2.2, and local file inclusion since 2.2.1

7.8CVSS7.5AI score0.00176EPSS

CVE•added 2018/01/02 5:29 p.m.•43 views

CVE-2017-1000453

CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution.

9.8CVSS9.8AI score0.00979EPSS

CVE•added 2018/01/25 4:29 p.m.•40 views

CVE-2018-5963

CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/addbookmark.php via the title parameter.

4.8CVSS4.9AI score0.00472EPSS

CVE•added 2018/01/25 4:29 p.m.•39 views

CVE-2018-5965

CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via the m1_errors parameter.

4.8CVSS4.9AI score0.00472EPSS

CVE•added 2018/01/25 4:29 p.m.•34 views

CVE-2018-5964

CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via the m1_messages parameter.

4.8CVSS4.9AI score0.00279EPSS