Vulnerabilities > Cmsmadesimple

DATE	CVE	VULNERABILITY TITLE	RISK
2021-09-17	CVE-2019-9060	Path Traversal vulnerability in Cmsmadesimple CMS Made Simple 2.2.8 An issue was discovered in CMS Made Simple 2.2.8. network low complexity cmsmadesimple CWE-22	5.0
2021-08-05	CVE-2020-22732	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 CMS Made Simple (CMSMS) 2.2.14 allows stored XSS via the Extensions > Fie Picker.. network cmsmadesimple CWE-79	3.5
2021-07-26	CVE-2020-23240	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature. network cmsmadesimple CWE-79	3.5
2021-07-26	CVE-2020-23241	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News > Article" feature. network cmsmadesimple CWE-79	3.5
2021-07-02	CVE-2020-36408	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module. network cmsmadesimple CWE-79	3.5
2021-07-02	CVE-2020-36409	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module. network cmsmadesimple CWE-79	3.5
2021-07-02	CVE-2020-36410	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Email address to receive notification of news submission" parameter under the "Options" module. network cmsmadesimple CWE-79	3.5
2021-07-02	CVE-2020-36411	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Path for the {page_image} tag:" or "Path for thumbnail field:" parameters under the "Content Editing Settings" module. network cmsmadesimple CWE-79	3.5
2021-07-02	CVE-2020-36412	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Search Text" field under the "Admin Search" module. network cmsmadesimple CWE-79	3.5
2021-07-02	CVE-2020-36413	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter under the "Maintenance Mode" module. network cmsmadesimple CWE-79	3.5

Vulnerabilities > Cmsmadesimple {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cmsmadesimple"}]}

Vulnerabilities > Cmsmadesimple