Vulnerabilities > GET Simple

DATE CVE VULNERABILITY TITLE RISK
2021-06-23 CVE-2020-18660 Open Redirect vulnerability in Get-Simple Getsimplecms 3.3.13
GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter.
5.8
2021-06-23 CVE-2020-18657 Cross-Site Scripting vulnerability in Get-Simple Getsimplecms 3.3.13
Cross Site Scripting (XSS) vulnerability in GetSimpleCMS <= 3.3.15 in admin/changedata.php via the redirect_url parameter and the headers_sent function.
network
get-simple CWE-79
4.3
2021-06-23 CVE-2020-18658 Cross-Site Scripting vulnerability in Get-Simple Getsimplecms 3.3.13
Cross Site Scriptiong (XSS) vulnerability in GetSimpleCMS <=3.3.15 via the timezone parameter to settings.php.
network
get-simple CWE-79
4.3
2021-06-23 CVE-2020-18659 Cross-Site Scripting vulnerability in Get-Simple Getsimplecms 3.3.13
Cross Site Scripting vulnerability in GetSimpleCMS <=3.3.15 via the (1) sitename, (2) username, and (3) email parameters to /admin/setup.php
network
get-simple CWE-79
4.3
2021-06-23 CVE-2020-20389 Cross-Site Scripting vulnerability in Get-Simple Getsimplecms 3.4.0
Cross Site Scripting (XSS) vulnerability in GetSimpleCMS 3.4.0a in admin/edit.php.
network
get-simple CWE-79
3.5
2021-06-23 CVE-2020-20391 Cross-Site Scripting vulnerability in Get-Simple Getsimplecms 3.4.0
Cross Site Scripting vulnerability in GetSimpleCMS 3.4.0a in admin/snippets.php via (1) Add Snippet and (2) Save snippets.
network
get-simple CWE-79
3.5
2021-06-23 CVE-2021-28976 Unrestricted Upload of File With Dangerous Type vulnerability in Get-Simple Getsimplecms 3.3.13
Remote Code Execution vulnerability in GetSimpleCMS before 3.3.16 in admin/upload.php via phar filess.
network
low complexity
get-simple CWE-434
6.5
2021-06-23 CVE-2021-28977 Cross-Site Scripting vulnerability in Get-Simple Getsimplecms 3.3.13
Cross Site Scripting vulnerability in GetSimpleCMS 3.3.16 in admin/upload.php by adding comments or jpg and other file header information to the content of xla, pages, and gzip files,
network
get-simple CWE-79
3.5
2020-10-02 CVE-2020-18191 Path Traversal vulnerability in Get-Simple Getsimplecms 3.3.15
GetSimpleCMS-3.3.15 is affected by directory traversal.
network
low complexity
get-simple CWE-22
6.4
2020-10-01 CVE-2020-24861 Cross-Site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.16
GetSimple CMS 3.3.16 allows in parameter 'permalink' on the Settings page persistent Cross Site Scripting which is executed when you create and open a new page
network
get-simple CWE-79
3.5