Cmsmadesimple

Cms Made Simple

155 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.8

CVE-2020-23240

Exploit
  • EPSS 0.31%
  • Veröffentlicht 26.07.2021 21:15:16
  • Zuletzt bearbeitet 21.11.2024 05:13:39

Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature.

4.8

CVE-2020-23241

Exploit
  • EPSS 0.31%
  • Veröffentlicht 26.07.2021 21:15:16
  • Zuletzt bearbeitet 21.11.2024 05:13:40

Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News > Article" feature.

5.4

CVE-2020-36416

Exploit
  • EPSS 0.28%
  • Veröffentlicht 02.07.2021 18:15:09
  • Zuletzt bearbeitet 21.11.2024 05:29:27

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Design" parameter under the "Designs" module.

5.4

CVE-2020-36408

Exploit
  • EPSS 0.31%
  • Veröffentlicht 02.07.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:26

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module.

5.4

CVE-2020-36409

Exploit
  • EPSS 0.28%
  • Veröffentlicht 02.07.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:26

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module.

5.4

CVE-2020-36410

Exploit
  • EPSS 0.28%
  • Veröffentlicht 02.07.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:26

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Email address to receive notification of news submission" parameter...

5.4

CVE-2020-36411

Exploit
  • EPSS 0.28%
  • Veröffentlicht 02.07.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:26

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Path for the {page_image} tag:" or "Path for thumbnail field:" para...

5.4

CVE-2020-36412

Exploit
  • EPSS 0.28%
  • Veröffentlicht 02.07.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:26

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Search Text" field under the "Admin Search" module.

5.4

CVE-2020-36413

Exploit
  • EPSS 0.28%
  • Veröffentlicht 02.07.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:27

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter u...

5.4

CVE-2020-36414

Exploit
  • EPSS 0.32%
  • Veröffentlicht 02.07.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:27

A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "URL (slug)" or "Extra" fields under the "Add Article" feature.