Vulnerabilities > GET Simple

DATE	CVE	VULNERABILITY TITLE	RISK
2018-08-25	CVE-2018-15843	Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.14 GetSimple CMS 3.3.14 has XSS via the admin/edit.php "Add New Page" field. network low complexity get-simple CWE-79	4.8
2018-04-02	CVE-2018-9173	Cross-site Scripting vulnerability in Get-Simple Getsimple CMS 3.3.13 Cross-site scripting (XSS) vulnerability in admin/template/js/uploadify/uploadify.swf in GetSimple CMS 3.3.13 allows remote attackers to inject arbitrary web script or HTML, as demonstrated by the movieName parameter. network low complexity get-simple CWE-79	6.1
2017-06-29	CVE-2017-10673	Cross-site Scripting vulnerability in Get-Simple Getsimple CMS admin/profile.php in GetSimple CMS 3.x has XSS in a name field. network low complexity get-simple CWE-79	6.1
2017-03-17	CVE-2014-8723	Information Exposure vulnerability in Get-Simple Getsimple CMS 3.3.4 GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) plugins/anonymous_data.php or (2) plugins/InnovationPlugin.php, which reveals the installation path in an error message. network low complexity get-simple CWE-200	5.3
2017-03-17	CVE-2014-8722	Information Exposure vulnerability in Get-Simple Getsimple CMS 3.3.4 GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) data/users/<username>.xml, (2) backups/users/<username>.xml.bak, (3) data/other/authorization.xml, or (4) data/other/appid.xml. network low complexity get-simple CWE-200	7.5

Vulnerabilities > GET Simple {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"GET Simple"}]}

Vulnerabilities > GET Simple