Vulnerabilities > GET Simple > Getsimple CMS > 3.3.0

DATE CVE VULNERABILITY TITLE RISK
2019-05-22 CVE-2019-11231 Path Traversal vulnerability in Get-Simple Getsimple CMS
An issue was discovered in GetSimple CMS through 3.3.15.
network
low complexity
get-simple CWE-22
5.0
5.0
2017-06-29 CVE-2017-10673 Cross-site Scripting vulnerability in Get-Simple Getsimple CMS
admin/profile.php in GetSimple CMS 3.x has XSS in a name field.
network
get-simple CWE-79
4.3
4.3
2015-07-01 CVE-2015-5356 Cross-site Scripting vulnerability in Get-Simple Getsimple CMS
Cross-site scripting (XSS) vulnerability in admin/filebrowser.php in GetSimple CMS before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the func parameter.
network
get-simple CWE-79
4.3
4.3
2015-07-01 CVE-2015-5355 Cross-site Scripting vulnerability in Get-Simple Getsimple CMS
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via the (1) post-content or (2) post-title parameter to admin/edit.php.
network
get-simple CWE-79
4.3
4.3
2015-01-20 CVE-2014-8790 XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 through 3.3.x before 3.3.5 Beta 1, when in certain configurations, allows remote attackers to read arbitrary files via the data parameter.
network
low complexity
cagintranetworks get-simple
5.0
5.0