Vulnerabilities > Cmsmadesimple

DATE CVE VULNERABILITY TITLE RISK
2019-04-11 CVE-2019-9056 Deserialization of Untrusted Data vulnerability in Cmsmadesimple CMS Made Simple 2.2.8
An issue was discovered in CMS Made Simple 2.2.8.
network
low complexity
cmsmadesimple CWE-502
8.8
2019-03-26 CVE-2019-10107 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.10
CMS Made Simple 2.2.10 has XSS via the myaccount.php "Email Address" field, which is reachable via the "My Preferences -> My Account" section.
network
low complexity
cmsmadesimple CWE-79
5.4
2019-03-26 CVE-2019-10106 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.10
CMS Made Simple 2.2.10 has XSS via the 'moduleinterface.php' Name field, which is reachable via an "Add Category" action to the "Site Admin Settings - News module" section.
network
low complexity
cmsmadesimple CWE-79
5.4
2019-03-26 CVE-2019-10105 Cross-site Scripting vulnerability in Cmsmadesimple CMS Made Simple 2.2.10
CMS Made Simple 2.2.10 has a Self-XSS vulnerability via the Layout Design Manager "Name" field, which is reachable via a "Create a new Template" action to the Design Manager.
network
low complexity
cmsmadesimple CWE-79
5.4
2019-03-26 CVE-2019-9061 Unspecified vulnerability in Cmsmadesimple CMS Made Simple
An issue was discovered in CMS Made Simple 2.2.8.
network
low complexity
cmsmadesimple
8.8
2019-03-26 CVE-2019-9059 Command Injection vulnerability in Cmsmadesimple CMS Made Simple
An issue was discovered in CMS Made Simple 2.2.8.
network
low complexity
cmsmadesimple CWE-77
7.2
2019-03-26 CVE-2019-9058 Unspecified vulnerability in Cmsmadesimple CMS Made Simple
An issue was discovered in CMS Made Simple 2.2.8.
network
low complexity
cmsmadesimple
7.2
2019-03-26 CVE-2019-9057 Improperly Controlled Modification of Dynamically-Determined Object Attributes vulnerability in Cmsmadesimple CMS Made Simple
An issue was discovered in CMS Made Simple 2.2.8.
network
low complexity
cmsmadesimple CWE-915
8.8
2019-03-26 CVE-2019-9055 Deserialization of Untrusted Data vulnerability in Cmsmadesimple CMS Made Simple
An issue was discovered in CMS Made Simple 2.2.8.
network
low complexity
cmsmadesimple CWE-502
8.8
2019-03-26 CVE-2019-9053 SQL Injection vulnerability in Cmsmadesimple CMS Made Simple 2.2.8
An issue was discovered in CMS Made Simple 2.2.8.
network
high complexity
cmsmadesimple CWE-89
8.1