Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / cmsmadesimple

cmsmadesimple

158 tracked vulnerabilities.

CVE-2018-7893 MEDIUM

CMS Made Simple 2.2.6 - Stored Cross-Site Scripting via Metadata Parameter

CVE-2018-7448 HIGH

CMS Made Simple 2.1.6 - Remote Code Execution via Timezone Parameter in Installation

CVE-2018-5965 MEDIUM

CMS Made Simple 2.2.5 - Cross-Site Scripting via m1_errors Parameter

CVE-2018-5964 MEDIUM

CMS Made Simple 2.2.5 - Cross-Site Scripting via m1_messages Parameter

CVE-2018-5963 MEDIUM

CMS Made Simple 2.2.5 - Stored Cross-Site Scripting via Bookmark Title Parameter

CVE-2017-1000454 HIGH

CMS Made Simple <2.2.1 - Code Injection

CVE-2017-1000453 CRITICAL

CMS Made Simple <2.1.6-2.2 - Code Injection

CVE-2017-17735 CRITICAL

CMS Made Simple < 2.2.5 - Exposure of Sensitive Information via Cookie Caching

CVE-2017-17734 CRITICAL

CMS Made Simple < 2.2.5 - Exposure of Sensitive Information via Session Cache

CVE-2017-16799 MEDIUM

CMS Made Simple 2.2.3.1 - XSS

CVE-2017-16798 MEDIUM

CMS Made Simple 2.2.3.1 - Cross-Site Scripting via File Upload Extension Bypass

CVE-2017-16784 MEDIUM

CMS Made Simple 2.2.2 - Reflected Cross-Site Scripting via cntnt01detailtemplate Parameter

CVE-2017-16783 CRITICAL

CMS Made Simple 2.1.6 - Server-Side Template Injection via cntnt01detailtemplate Parameter

CVE-2017-11405 MEDIUM

CMS Made Simple 2.2.2 - Authenticated Arbitrary File Upload via FilePicker Type Manipulation

CVE-2017-11404 MEDIUM

CMS Made Simple 2.2.2 - Authenticated Arbitrary File Upload via FileManager

CVE-2017-9668 MEDIUM

CMS Made Simple 2.1.6 - Stored Cross-Site Scripting via Group Description Parameter

CVE-2017-8912 HIGH

CMS Made Simple 2.1.6 - Authenticated PHP Code Execution via Edit User Tag

CVE-2017-7257 MEDIUM

CMS Made Simple 2.1.6 - Authenticated Stored Cross-Site Scripting via News Article m1_content Parameter

CVE-2017-7256 MEDIUM

CMS Made Simple 2.1.6 - Authenticated Stored Cross-Site Scripting via News Article Summary Parameter

CVE-2017-7255 MEDIUM

CMS Made Simple 2.1.6 - Authenticated Stored Cross-Site Scripting via News Article m1_title Parameter

CVE-2017-6556 MEDIUM

CMS Made Simple 2.1.6 - Authenticated Stored Cross-Site Scripting via Global Metadata Field

CVE-2017-6555 MEDIUM

CMS Made Simple 2.1.6 - Authenticated Cross-Site Scripting via m1_description Parameter

CVE-2017-6072 MEDIUM

CMS Made Simple Form Builder < 0.8.1.6 - Information Disclosure via Default Admin

CVE-2017-6071 MEDIUM

CMS Made Simple Form Builder < 0.8.1.6 - Information Disclosure via ExportXML

CVE-2017-6070 CRITICAL

CMS Made Simple Form Builder < 0.8.1.6 - Remote Code Execution via cntnt01fbrp_forma_form_template Parameter

Previous Page 5 of 7 Next

Products

cms_made_simple 154 form_builder 3 CMS Made Simple 1 bable\ 1 cmsmadesimple 1 file_manager 1

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy