Getsimple Cms Security Vulnerabilities and Issues — Getsimple Cms CVE List

Lucene search

Get-simpleGetsimple Cms

2 matches found

CVE•added 2018/11/21 9:29 p.m.•52 views

CVE-2018-19420

In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension (e.g., the test or test.asdf filename), because of admin/upload-uploadify.php, and validate_safe_file in...

4CVSS4.4AI score0.00221EPSS

CVE•added 2018/11/21 9:29 p.m.•48 views

CVE-2018-19421

In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML elements in a .eml file, because of admin/upload-uploadify.php, and validate_safe_file in admin/inc/security_functions.php.

4CVSS4.5AI score0.00221EPSS