Vulnerabilities > GET Simple > Getsimplecms > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-01-08 | CVE-2023-51246 | Cross-site Scripting vulnerability in Get-Simple Getsimplecms 3.3.16 A Cross Site Scripting (XSS) vulnerability in GetSimple CMS 3.3.16 exists when using Source Code Mode as a backend user to add articles via the /admin/edit.php page. | 5.4 |
| 2023-10-31 | CVE-2023-46040 | Cross-site Scripting vulnerability in Get-Simple Getsimplecms 3.4.0 Cross Site Scripting vulnerability in GetSimpleCMS v.3.4.0a allows a remote attacker to execute arbitrary code via the a crafted payload to the components.php function. | 5.4 |
| 2021-06-23 | CVE-2020-18660 | Open Redirect vulnerability in Get-Simple Getsimplecms 3.3.13 GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter. | 5.8 |
| 2021-06-23 | CVE-2020-18657 | Cross-site Scripting vulnerability in Get-Simple Getsimplecms 3.3.13 Cross Site Scripting (XSS) vulnerability in GetSimpleCMS <= 3.3.15 in admin/changedata.php via the redirect_url parameter and the headers_sent function. | 4.3 |
| 2021-06-23 | CVE-2020-18658 | Cross-site Scripting vulnerability in Get-Simple Getsimplecms 3.3.13 Cross Site Scriptiong (XSS) vulnerability in GetSimpleCMS <=3.3.15 via the timezone parameter to settings.php. | 4.3 |
| 2021-06-23 | CVE-2020-18659 | Cross-site Scripting vulnerability in Get-Simple Getsimplecms 3.3.13 Cross Site Scripting vulnerability in GetSimpleCMS <=3.3.15 via the (1) sitename, (2) username, and (3) email parameters to /admin/setup.php | 4.3 |
| 2021-06-23 | CVE-2021-28976 | Unrestricted Upload of File with Dangerous Type vulnerability in Get-Simple Getsimplecms 3.3.13 Remote Code Execution vulnerability in GetSimpleCMS before 3.3.16 in admin/upload.php via phar filess. | 6.5 |
| 2020-10-02 | CVE-2020-18191 | Path Traversal vulnerability in Get-Simple Getsimplecms 3.3.15 GetSimpleCMS-3.3.15 is affected by directory traversal. | 6.4 |
| 2019-03-22 | CVE-2019-9915 | Open Redirect vulnerability in Get-Simple. Getsimplecms 3.3.13 GetSimpleCMS 3.3.13 has an Open Redirect via the admin/index.php redirect parameter. | 5.8 |