Vulnerabilities > Cmsimple

DATE	CVE	VULNERABILITY TITLE	RISK
2022-04-13	CVE-2021-43741	Path Traversal vulnerability in Cmsimple 5.4 CMSimple 5.4 is vulnerable to Directory Traversal. network low complexity cmsimple CWE-22 critical	9.8
2022-04-13	CVE-2021-43742	Cross-site Scripting vulnerability in Cmsimple 5.4 CMSimple 5.4 is vulnerable to Cross Site Scripting (XSS) via the file upload feature. network low complexity cmsimple CWE-79	5.4
2018-12-19	CVE-2018-19508	Cross-site Scripting vulnerability in Cmsimple 4.7.5 CMSimple 4.7.5 has XSS via an admin's upload of an SVG file at a ?userfiles&subdir=userfiles/images/flags/ URI. network low complexity cmsimple CWE-79	4.8
2018-12-19	CVE-2018-19507	Cross-site Scripting vulnerability in Cmsimple 4.7.5 CMSimple 4.7.5 has XSS via an admin's use of a ?file=config&action=array URI. network low complexity cmsimple CWE-79	4.8

Vulnerabilities > Cmsimple {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cmsimple"}]}