Getsimplecms Security Vulnerabilities and Issues — Getsimplecms CVE List

Lucene search

Get-simpleGetsimplecms

16 matches found

CVE•added 2023/11/17 6:15 p.m.•77 views

CVE-2023-6188

A vulnerability was found in GetSimpleCMS 3.3.16/3.4.0a. It has been rated as critical. This issue affects some unknown processing of the file /admin/theme-edit.php. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may ...

9.8CVSS6.4AI score0.00119EPSS

CVE•added 2021/08/06 11:15 p.m.•76 views

CVE-2020-21353

A stored cross site scripting (XSS) vulnerability in /admin/snippets.php of GetSimple CMS 3.4.0a allows attackers to execute arbitrary web scripts or HTML via crafted payload in the Edit Snippets module.

5.4CVSS5.4AI score0.00281EPSS

CVE•added 2023/10/31 2:15 a.m.•66 views

CVE-2023-46040

Cross Site Scripting vulnerability in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via the a crafted payload to the components.php function.

5.4CVSS5.8AI score0.00221EPSS

CVE•added 2021/06/23 7:15 p.m.•64 views

CVE-2020-18658

Cross Site Scriptiong (XSS) vulnerability in GetSimpleCMS

6.1CVSS6.2AI score0.00375EPSS

CVE•added 2021/06/23 7:15 p.m.•63 views

CVE-2020-18659

Cross Site Scripting vulnerability in GetSimpleCMS

6.1CVSS6.3AI score0.00375EPSS

CVE•added 2021/06/23 9:15 p.m.•58 views

CVE-2020-18660

GetSimpleCMS

6.1CVSS6.5AI score0.00324EPSS

CVE•added 2021/06/23 7:15 p.m.•49 views

CVE-2020-18657

Cross Site Scripting (XSS) vulnerability in GetSimpleCMS

6.1CVSS6.1AI score0.00375EPSS

CVE•added 2023/10/19 3:15 p.m.•45 views

CVE-2023-46042

An issue in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via a crafted payload to the phpinfo().

9.8CVSS9.4AI score0.73645EPSS

CVE•added 2024/11/12 3:15 p.m.•39 views

CVE-2024-11125

A vulnerability was found in GetSimpleCMS 3.3.16 and classified as problematic. This issue affects some unknown processing of the file /admin/profile.php. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may...

6.9CVSS4.5AI score0.00085EPSS

CVE•added 2021/06/23 1:15 p.m.•35 views

CVE-2021-28976

Remote Code Execution vulnerability in GetSimpleCMS before 3.3.16 in admin/upload.php via phar filess.

7.2CVSS7.4AI score0.10057EPSS

CVE•added 2021/08/10 3:15 p.m.•33 views

CVE-2021-36601

GetSimpleCMS 3.3.16 contains a cross-site Scripting (XSS) vulnerability, where Function TSL does not filter check settings.php Website URL: "siteURL" parameter.

6.1CVSS5.9AI score0.00293EPSS

CVE•added 2020/10/02 2:15 p.m.•31 views

CVE-2020-18191

GetSimpleCMS-3.3.15 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /GetSimpleCMS-3.3.15/admin/log.php

9.1CVSS9.2AI score0.05176EPSS

CVE•added 2021/06/23 3:15 p.m.•31 views

CVE-2020-20389

Cross Site Scripting (XSS) vulnerability in GetSimpleCMS 3.4.0a in admin/edit.php.

4.8CVSS5AI score0.0029EPSS

CVE•added 2024/01/08 8:15 p.m.•29 views

CVE-2023-51246

A Cross Site Scripting (XSS) vulnerability in GetSimple CMS 3.3.16 exists when using Source Code Mode as a backend user to add articles via the /admin/edit.php page.

5.4CVSS5.3AI score0.00196EPSS

CVE•added 2021/06/23 3:15 p.m.•27 views

CVE-2020-20391

Cross Site Scripting vulnerability in GetSimpleCMS 3.4.0a in admin/snippets.php via (1) Add Snippet and (2) Save snippets.

5.4CVSS5.4AI score0.00253EPSS

CVE•added 2021/06/23 1:15 p.m.•25 views

CVE-2021-28977

Cross Site Scripting vulnerability in GetSimpleCMS 3.3.16 in admin/upload.php by adding comments or jpg and other file header information to the content of xla, pages, and gzip files,

4.8CVSS5.2AI score0.00235EPSS