Vulnerabilities > Cmsmadesimple

DATE CVE VULNERABILITY TITLE RISK
2021-07-26 CVE-2020-23240 Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature.
3.5
2021-07-26 CVE-2020-23241 Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News > Article" feature.
3.5
2021-07-02 CVE-2020-36408 Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module.
3.5
2021-07-02 CVE-2020-36409 Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module.
3.5
2021-07-02 CVE-2020-36410 Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Email address to receive notification of news submission" parameter under the "Options" module.
3.5
2021-07-02 CVE-2020-36411 Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Path for the {page_image} tag:" or "Path for thumbnail field:" parameters under the "Content Editing Settings" module.
3.5
2021-07-02 CVE-2020-36412 Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Search Text" field under the "Admin Search" module.
3.5
2021-07-02 CVE-2020-36413 Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter under the "Maintenance Mode" module.
3.5
2021-07-02 CVE-2020-36414 Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "URL (slug)" or "Extra" fields under the "Add Article" feature.
3.5
2021-07-02 CVE-2020-36415 Cross-Site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Stylesheet" parameter under the "Stylesheets" module.
3.5