Get-simple - Getsimple Cms CVE - OpenCVE

Filtered by vendor Get-simple Subscriptions

Filtered by product Getsimple Cms Subscriptions

Total 26 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2012-6621	1 Get-simple	1 Getsimple Cms	2018-10-30	N/A
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1, 3.1.2, 3.2.3, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Email Address or (2) Custom Permalink Structure fields in admin/settings.php; (3) path parameter to admin/upload.php; (4) err parameter to admin/theme.php; (5) error parameter to admin/pages.php; or (6) success or (7) err parameter to admin/index.php.
CVE-2010-4863	1 Get-simple	1 Getsimple Cms	2018-10-30	N/A
Cross-site scripting (XSS) vulnerability in admin/changedata.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the post-title parameter.
CVE-2010-5052	1 Get-simple	1 Getsimple Cms	2018-10-30	N/A
Cross-site scripting (XSS) vulnerability in admin/components.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the val[] parameter.
CVE-2018-15843	1 Get-simple	1 Getsimple Cms	2018-10-17	N/A
GetSimple CMS 3.3.14 has XSS via the admin/edit.php "Add New Page" field.
CVE-2018-9173	1 Get-simple	1 Getsimple Cms	2018-05-02	N/A
Cross-site scripting (XSS) vulnerability in admin/template/js/uploadify/uploadify.swf in GetSimple CMS 3.3.13 allows remote attackers to inject arbitrary web script or HTML, as demonstrated by the movieName parameter.
CVE-2014-8723	1 Get-simple	1 Getsimple Cms	2017-03-20	N/A
GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) plugins/anonymous_data.php or (2) plugins/InnovationPlugin.php, which reveals the installation path in an error message.

« first previous Page 2 of 2.