Lucene search
Get-simpleGetsimple Cms3.2.3
3 matches found
CVE-2013-7243
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) post-menu field to edit.php or (2) Display name field to settings.php. NOTE: The Custom Permalink Structure and Email Address fields are alr...
4.3CVSS5.9AI score0.00475EPSS
CVE-2014-8790
XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 through 3.3.x before 3.3.5 Beta 1, when in certain configurations, allows remote attackers to read arbitrary files via the data parameter.
5CVSS6.9AI score0.00657EPSS
CVE-2017-10673
admin/profile.php in GetSimple CMS 3.x has XSS in a name field.
6.1CVSS5.9AI score0.0024EPSS