Vulnerabilities > GET Simple > Getsimple CMS > 3.2.3

DATE CVE VULNERABILITY TITLE RISK
2019-05-22 CVE-2019-11231 Path Traversal vulnerability in Get-Simple Getsimple CMS
An issue was discovered in GetSimple CMS through 3.3.15.
network
low complexity
get-simple CWE-22
5.0
5.0
2017-06-29 CVE-2017-10673 Cross-site Scripting vulnerability in Get-Simple Getsimple CMS
admin/profile.php in GetSimple CMS 3.x has XSS in a name field.
network
get-simple CWE-79
4.3
4.3
2015-07-01 CVE-2015-5356 Cross-site Scripting vulnerability in Get-Simple Getsimple CMS
Cross-site scripting (XSS) vulnerability in admin/filebrowser.php in GetSimple CMS before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the func parameter.
network
get-simple CWE-79
4.3
4.3
2015-07-01 CVE-2015-5355 Cross-site Scripting vulnerability in Get-Simple Getsimple CMS
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via the (1) post-content or (2) post-title parameter to admin/edit.php.
network
get-simple CWE-79
4.3
4.3
2015-01-20 CVE-2014-8790 XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 through 3.3.x before 3.3.5 Beta 1, when in certain configurations, allows remote attackers to read arbitrary files via the data parameter.
network
low complexity
cagintranetworks get-simple
5.0
5.0
2014-01-17 CVE-2013-7243 Cross-Site Scripting vulnerability in Get-Simple Getsimple CMS 3.1.2/3.2.3
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) post-menu field to edit.php or (2) Display name field to settings.php.
network
get-simple CWE-79
4.3
4.3
2014-01-16 CVE-2012-6621 Cross-Site Scripting vulnerability in Get-Simple Getsimple CMS
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1, 3.1.2, 3.2.3, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Email Address or (2) Custom Permalink Structure fields in admin/settings.php; (3) path parameter to admin/upload.php; (4) err parameter to admin/theme.php; (5) error parameter to admin/pages.php; or (6) success or (7) err parameter to admin/index.php.
network
get-simple CWE-79
4.3
4.3