Jason Jacobs

1 exploit Active since Jul 2024
CVE-2024-39248 NOMISEC MEDIUM WORKING POC
SimpCMS 0.1 - Stored Cross-Site Scripting via Title Field
A cross-site scripting (XSS) vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php.
1 stars
CVSS 5.4