Vulnerabilities > Cmsmadesimple

DATE	CVE	VULNERABILITY TITLE	RISK
2020-09-30	CVE-2020-22842	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple CMS Made Simple before 2.2.15 allows XSS via the m1_mod parameter in a ModuleManager local_uninstall action to admin/moduleinterface.php. network low complexity cmsmadesimple CWE-79	5.4
2020-08-14	CVE-2020-17462	Unrestricted Upload of File with Dangerous Type vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 CMS Made Simple 2.2.14 allows Authenticated Arbitrary File Upload because the File Manager does not block .ptar files, a related issue to CVE-2017-16798. local low complexity cmsmadesimple CWE-434	7.8
2020-06-19	CVE-2020-14926	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.14 CMS Made Simple 2.2.14 allows XSS via a Search Term to the admin/moduleinterface.php?mact=ModuleManager page. network low complexity cmsmadesimple CWE-79	5.4
2020-05-28	CVE-2020-13660	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple CMS Made Simple through 2.2.14 allows XSS via a crafted File Picker profile name. network low complexity cmsmadesimple CWE-79	4.8
2020-03-20	CVE-2020-10682	Unrestricted Upload of File with Dangerous Type vulnerability in Cmsmadesimple CMS Made Simple 2.2.13 The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1_files[] to admin/moduleinterface.php. local low complexity cmsmadesimple CWE-434	7.8
2020-03-20	CVE-2020-10681	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.13 The Filemanager in CMS Made Simple 2.2.13 has stored XSS via a .pxd file, as demonstrated by m1_files[] to admin/moduleinterface.php. network low complexity cmsmadesimple CWE-79	5.4
2019-11-26	CVE-2011-4310	Improper Input Validation vulnerability in Cmsmadesimple CMS Made Simple The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles. network low complexity cmsmadesimple CWE-20	7.5
2019-10-16	CVE-2019-17630	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.11 CMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a crafted image filename on the "News > Add Article" screen. network low complexity cmsmadesimple CWE-79	4.8
2019-10-16	CVE-2019-17629	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.11 CMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a crafted image filename on the "file manager > upload images" screen. network low complexity cmsmadesimple CWE-79	4.8
2019-10-06	CVE-2019-17226	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.11 CMS Made Simple (CMSMS) 2.2.11 allows XSS via the Site Admin > Module Manager > Search Term field. network low complexity cmsmadesimple CWE-79	4.8

Vulnerabilities > Cmsmadesimple {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cmsmadesimple"}]}

Vulnerabilities > Cmsmadesimple