Vulnerabilities > Cmsmadesimple

DATE CVE VULNERABILITY TITLE RISK
2021-09-22 CVE-2020-23481 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
CMS Made Simple 2.2.14 was discovered to contain a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Field Definition text field.
3.5
2021-09-17 CVE-2019-9060 Path Traversal vulnerability in Cmsmadesimple CMS Made Simple 2.2.8
An issue was discovered in CMS Made Simple 2.2.8.
network
low complexity
cmsmadesimple CWE-22
5.0
2021-08-05 CVE-2020-22732 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
CMS Made Simple (CMSMS) 2.2.14 allows stored XSS via the Extensions > Fie Picker..
3.5
2021-07-26 CVE-2020-23240 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature.
3.5
2021-07-26 CVE-2020-23241 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News > Article" feature.
3.5
2021-07-02 CVE-2020-36408 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module.
3.5
2021-07-02 CVE-2020-36409 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module.
3.5
2021-07-02 CVE-2020-36410 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Email address to receive notification of news submission" parameter under the "Options" module.
3.5
2021-07-02 CVE-2020-36411 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Path for the {page_image} tag:" or "Path for thumbnail field:" parameters under the "Content Editing Settings" module.
3.5
2021-07-02 CVE-2020-36412 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Search Text" field under the "Admin Search" module.
3.5