Vulnerabilities > GET Simple > Getsimple CMS > 3.3.4

DATE CVE VULNERABILITY TITLE RISK
2019-05-22 CVE-2019-11231 Path Traversal vulnerability in Get-Simple Getsimple CMS
An issue was discovered in GetSimple CMS through 3.3.15.
network
low complexity
get-simple CWE-22
critical
 9.8
9.8
2017-03-17 CVE-2014-8723 Information Exposure vulnerability in Get-Simple Getsimple CMS 3.3.4
GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) plugins/anonymous_data.php or (2) plugins/InnovationPlugin.php, which reveals the installation path in an error message.
network
low complexity
get-simple CWE-200
5.3
5.3
2017-03-17 CVE-2014-8722 Information Exposure vulnerability in Get-Simple Getsimple CMS 3.3.4
GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) data/users/<username>.xml, (2) backups/users/<username>.xml.bak, (3) data/other/authorization.xml, or (4) data/other/appid.xml.
network
low complexity
get-simple CWE-200
7.5
7.5