Vulnerabilities > Cmsmadesimple

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-28	CVE-2020-13660	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple CMS Made Simple through 2.2.14 allows XSS via a crafted File Picker profile name. network low complexity cmsmadesimple CWE-79	4.8
2020-03-20	CVE-2020-10682	Unrestricted Upload of File with Dangerous Type vulnerability in Cmsmadesimple CMS Made Simple 2.2.13 The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1_files[] to admin/moduleinterface.php. local low complexity cmsmadesimple CWE-434	7.8
2020-03-20	CVE-2020-10681	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.13 The Filemanager in CMS Made Simple 2.2.13 has stored XSS via a .pxd file, as demonstrated by m1_files[] to admin/moduleinterface.php. network low complexity cmsmadesimple CWE-79	5.4
2019-11-26	CVE-2011-4310	Improper Input Validation vulnerability in Cmsmadesimple CMS Made Simple The news module in CMSMS before 1.9.4.3 allows remote attackers to corrupt new articles. network low complexity cmsmadesimple CWE-20	7.5
2019-10-16	CVE-2019-17630	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.11 CMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a crafted image filename on the "News > Add Article" screen. network low complexity cmsmadesimple CWE-79	4.8
2019-10-16	CVE-2019-17629	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.11 CMS Made Simple (CMSMS) 2.2.11 allows stored XSS by an admin via a crafted image filename on the "file manager > upload images" screen. network low complexity cmsmadesimple CWE-79	4.8
2019-10-06	CVE-2019-17226	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.11 CMS Made Simple (CMSMS) 2.2.11 allows XSS via the Site Admin > Module Manager > Search Term field. network low complexity cmsmadesimple CWE-79	4.8
2019-07-16	CVE-2019-1010290	Open Redirect vulnerability in Cmsmadesimple Bable:Multilingual Site Babel: Multilingual site Babel All is affected by: Open Redirection. network low complexity cmsmadesimple CWE-601	6.1
2019-06-05	CVE-2019-11226	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.10 CMS Made Simple 2.2.10 has XSS via the m1_name parameter in "Add Article" under Content -> Content Manager -> News. network low complexity cmsmadesimple CWE-79	5.4
2019-04-25	CVE-2019-11513	Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple The File Manager in CMS Made Simple through 2.2.10 has Reflected XSS via the "New name" field in a Rename action. network low complexity cmsmadesimple CWE-79	4.8

Vulnerabilities > Cmsmadesimple {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Cmsmadesimple"}]}

Vulnerabilities > Cmsmadesimple