Vulnerabilities > GET Simple > Getsimple CMS > 1.71
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-01-02 | CVE-2013-1420 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.2.1 allow remote attackers to inject arbitrary web script or HTML via the (1) id parameter to backup-edit.php; (2) title or (3) menu parameter to edit.php; or (4) path or (5) returnid parameter to filebrowser.php in admin/. | 4.3 |
2019-05-22 | CVE-2019-11231 | Path Traversal vulnerability in Get-Simple Getsimple CMS An issue was discovered in GetSimple CMS through 3.3.15. | 5.0 |
2015-07-01 | CVE-2015-5356 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS Cross-site scripting (XSS) vulnerability in admin/filebrowser.php in GetSimple CMS before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the func parameter. | 4.3 |
2015-07-01 | CVE-2015-5355 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via the (1) post-content or (2) post-title parameter to admin/edit.php. | 4.3 |
2014-01-16 | CVE-2012-6621 | Cross-Site Scripting vulnerability in Get-Simple Getsimple CMS Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1, 3.1.2, 3.2.3, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Email Address or (2) Custom Permalink Structure fields in admin/settings.php; (3) path parameter to admin/upload.php; (4) err parameter to admin/theme.php; (5) error parameter to admin/pages.php; or (6) success or (7) err parameter to admin/index.php. | 4.3 |