Vulnerabilities > Cmsmadesimple > CMS Made Simple > 0.12
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-05-08 | CVE-2021-28998 | Unrestricted Upload of File with Dangerous Type vulnerability in Cmsmadesimple CMS Made Simple File upload vulnerability in CMS Made Simple through 2.2.15 allows remote authenticated attackers to gain a webshell via a crafted phar file. | 7.2 |
| 2023-05-08 | CVE-2021-28999 | SQL Injection vulnerability in Cmsmadesimple CMS Made Simple SQL Injection vulnerability in CMS Made Simple through 2.2.15 allows remote attackers to execute arbitrary commands via the m1_sortby parameter to modules/News/function.admin_articlestab.php. | 8.8 |
| 2022-06-09 | CVE-2021-40961 | SQL Injection vulnerability in Cmsmadesimple CMS Made Simple CMS Made Simple <=2.2.15 is affected by SQL injection in modules/News/function.admin_articlestab.php. | 8.8 |
| 2020-09-30 | CVE-2020-22842 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple CMS Made Simple before 2.2.15 allows XSS via the m1_mod parameter in a ModuleManager local_uninstall action to admin/moduleinterface.php. | 5.4 |
| 2020-05-28 | CVE-2020-13660 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple CMS Made Simple through 2.2.14 allows XSS via a crafted File Picker profile name. | 4.8 |
| 2019-11-26 | CVE-2011-4310 | Improper Input Validation vulnerability in Cmsmadesimple CMS Made Simple The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles. | 7.5 |
| 2019-04-25 | CVE-2019-11513 | Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple The File Manager in CMS Made Simple through 2.2.10 has Reflected XSS via the "New name" field in a Rename action. | 4.8 |
| 2019-03-26 | CVE-2019-9061 | Unspecified vulnerability in Cmsmadesimple CMS Made Simple An issue was discovered in CMS Made Simple 2.2.8. | 8.8 |
| 2019-03-26 | CVE-2019-9059 | Command Injection vulnerability in Cmsmadesimple CMS Made Simple An issue was discovered in CMS Made Simple 2.2.8. | 7.2 |
| 2019-03-26 | CVE-2019-9058 | Unspecified vulnerability in Cmsmadesimple CMS Made Simple An issue was discovered in CMS Made Simple 2.2.8. | 7.2 |