3 matches found
CVE-2017-6072
CMS Made Simple Form Builder (CMSMS) for CMS Made Simple version 1.x is affected by CVE-2017-6072, with exploitation allowing information disclosure via defaultadmin prior to version 0.8.1.6. The root cause is an information-disclosure vulnerability in the Form Builder module that enables remote ...
CVE-2017-6071
The CVE-2017-6071 entry applies to CMS Made Simple Form Builder (CMSMS Form Builder) in CMS Made Simple v1.x prior to 0.8.1.6. The vulnerability is an information-disclosure flaw exploitable via exportxml, allowing remote attackers to access sensitive information. The available documents describe...
CVE-2017-6070
CMS Made Simple’s Form Builder (version 1.x) is affected up to 0.8.1.5, with a remote PHP code execution vulnerability exploitable via the cntnt01fbrp_forma_form_template parameter in admin_store_form. The root cause is improper handling of that parameter, enabling arbitrary code execution on the...