Vulnerabilities > GET Simple > Getsimple CMS > 3.3.0
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2019-05-22 | CVE-2019-11231 | Path Traversal vulnerability in Get-Simple Getsimple CMS An issue was discovered in GetSimple CMS through 3.3.15. | 5.0 |
2017-06-29 | CVE-2017-10673 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS admin/profile.php in GetSimple CMS 3.x has XSS in a name field. | 4.3 |
2015-07-01 | CVE-2015-5356 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS Cross-site scripting (XSS) vulnerability in admin/filebrowser.php in GetSimple CMS before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the func parameter. | 4.3 |
2015-07-01 | CVE-2015-5355 | Cross-site Scripting vulnerability in Get-Simple Getsimple CMS Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via the (1) post-content or (2) post-title parameter to admin/edit.php. | 4.3 |
2015-01-20 | CVE-2014-8790 | XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 through 3.3.x before 3.3.5 Beta 1, when in certain configurations, allows remote attackers to read arbitrary files via the data parameter. | 5.0 |