Lucene search
CmsmadesimpleCms Made Simple
2 matches found
CVE-2022-23906
CMS Made Simple v2.2.15 was discovered to contain a Remote Command Execution (RCE) vulnerability via the upload avatar function. This vulnerability is exploited via a crafted image file.
7.2CVSS7.1AI score0.06427EPSS
CVE-2022-23907
CMS Made Simple v2.2.15 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the parameter m1_fmmessage.
6.1CVSS6.1AI score0.00489EPSS