Getsimple Cms@3.3.4 Security Vulnerabilities and Issues — Getsimple Cms@3.3.4 CVE List

Lucene search

Get-simpleGetsimple Cms3.3.4

2 matches found

CVE•added 2017/03/17 2:59 p.m.•78 views

CVE-2014-8722

GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) data/users/<username>.xml, (2) backups/users/<username>.xml.bak, (3) data/other/authorization.xml, or (4) data/other/appid.xml.

7.5CVSS7.2AI score0.33791EPSS

CVE•added 2017/03/17 2:59 p.m.•27 views

CVE-2014-8723

GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) plugins/anonymous_data.php or (2) plugins/InnovationPlugin.php, which reveals the installation path in an error message.

5.3CVSS5.1AI score0.00261EPSS