Vulnerabilities > Cmsmadesimple
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-03-12 | CVE-2024-1527 | Unspecified vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 Unrestricted file upload vulnerability in CMS Made Simple, affecting version 2.2.14. | 8.8 |
| 2024-03-12 | CVE-2024-1528 | Unspecified vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 CMS Made Simple version 2.2.14, does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /admin/moduleinterface.php, in multiple parameters. | 6.1 |
| 2024-03-12 | CVE-2024-1529 | Unspecified vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 Vulnerability in CMS Made Simple 2.2.14, which does not sufficiently encode user-controlled input, resulting in a Cross-Site Scripting (XSS) vulnerability through /admin/adduser.php, in multiple parameters. | 6.1 |
| 2023-10-26 | CVE-2023-43352 | Unspecified vulnerability in Cmsmadesimple CMS Made Simple 2.2.18 An issue in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload to the Content Manager Menu component. | 7.8 |
| 2023-10-25 | CVE-2023-43360 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.18 Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Top Directory parameter in the File Picker Menu component. | 5.4 |
| 2023-10-23 | CVE-2023-43358 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.18 Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component. | 5.4 |
| 2023-10-20 | CVE-2023-43353 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.18 Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component. | 5.4 |
| 2023-10-20 | CVE-2023-43354 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.18 Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profiles parameter in the Extensions -MicroTiny WYSIWYG editor component. | 5.4 |
| 2023-10-20 | CVE-2023-43355 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.18 Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component. | 5.4 |
| 2023-10-20 | CVE-2023-43356 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.18 Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Global Meatadata parameter in the Global Settings Menu component. | 5.4 |