Vulnerabilities > GET Simple

DATE CVE VULNERABILITY TITLE RISK
2024-11-12 CVE-2024-11125 Cross-Site Request Forgery (CSRF) vulnerability in Get-Simple Getsimplecms 3.3.16
A vulnerability was found in GetSimpleCMS 3.3.16 and classified as problematic.
network
low complexity
get-simple CWE-352
4.3
2024-01-08 CVE-2023-51246 Cross-site Scripting vulnerability in Get-Simple Getsimplecms 3.3.16
A Cross Site Scripting (XSS) vulnerability in GetSimple CMS 3.3.16 exists when using Source Code Mode as a backend user to add articles via the /admin/edit.php page.
network
low complexity
get-simple CWE-79
5.4
2023-11-17 CVE-2023-6188 Code Injection vulnerability in Get-Simple Getsimplecms 3.3.16/3.4.0A
A vulnerability was found in GetSimpleCMS 3.3.16/3.4.0a.
network
low complexity
get-simple CWE-94
critical
9.8
2023-10-31 CVE-2023-46040 Cross-site Scripting vulnerability in Get-Simple Getsimplecms 3.4.0
Cross Site Scripting vulnerability in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via the a crafted payload to the components.php function.
network
low complexity
get-simple CWE-79
5.4
2023-10-19 CVE-2023-46042 Unspecified vulnerability in Get-Simple Getsimplecms 3.4.0A
An issue in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via a crafted payload to the phpinfo().
network
low complexity
get-simple
critical
9.8
2022-10-18 CVE-2022-41544 Unspecified vulnerability in Get-Simple Getsimple CMS 3.3.16
GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via the edited_file parameter in admin/theme-edit.php.
network
low complexity
get-simple
critical
9.8
2022-04-27 CVE-2022-1503 Cross-site Scripting vulnerability in Get-Simple Getsimple CMS
A vulnerability, which was classified as problematic, has been found in GetSimple CMS.
network
low complexity
get-simple CWE-79
5.4
2021-08-10 CVE-2021-36601 Cross-site Scripting vulnerability in Get-Simple Getsimplecms 3.3.16
GetSimpleCMS 3.3.16 contains a cross-site Scripting (XSS) vulnerability, where Function TSL does not filter check settings.php Website URL: "siteURL" parameter.
network
low complexity
get-simple CWE-79
6.1
2021-08-06 CVE-2020-21353 Cross-site Scripting vulnerability in Get-Simple Getsimplecms 3.4.0A
A stored cross site scripting (XSS) vulnerability in /admin/snippets.php of GetSimple CMS 3.4.0a allows attackers to execute arbitrary web scripts or HTML via crafted payload in the Edit Snippets module.
network
low complexity
get-simple CWE-79
5.4
2021-06-23 CVE-2020-18660 Open Redirect vulnerability in Get-Simple Getsimplecms
GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter.
network
low complexity
get-simple CWE-601
6.1