Vulnerabilities > GET Simple > Getsimplecms
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-06-23 | CVE-2020-20391 | Cross-site Scripting vulnerability in Get-Simple Getsimplecms 3.4.0 Cross Site Scripting vulnerability in GetSimpleCMS 3.4.0a in admin/snippets.php via (1) Add Snippet and (2) Save snippets. | 3.5 |
| 2021-06-23 | CVE-2021-28976 | Unrestricted Upload of File with Dangerous Type vulnerability in Get-Simple Getsimplecms 3.3.13 Remote Code Execution vulnerability in GetSimpleCMS before 3.3.16 in admin/upload.php via phar filess. | 6.5 |
| 2021-06-23 | CVE-2021-28977 | Cross-site Scripting vulnerability in Get-Simple Getsimplecms 3.3.13 Cross Site Scripting vulnerability in GetSimpleCMS 3.3.16 in admin/upload.php by adding comments or jpg and other file header information to the content of xla, pages, and gzip files, | 3.5 |
| 2020-10-02 | CVE-2020-18191 | Path Traversal vulnerability in Get-Simple Getsimplecms 3.3.15 GetSimpleCMS-3.3.15 is affected by directory traversal. | 6.4 |
| 2019-03-22 | CVE-2019-9915 | Open Redirect vulnerability in Get-Simple. Getsimplecms 3.3.13 GetSimpleCMS 3.3.13 has an Open Redirect via the admin/index.php redirect parameter. | 5.8 |