Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Get-simple Subscribe
Filtered by product Getsimple Cms
Total 26 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2010-4863 1 Get-simple 1 Getsimple Cms 2018-10-30 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in admin/changedata.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the post-title parameter.
CVE-2015-5356 1 Get-simple 1 Getsimple Cms 2018-10-30 4.3 MEDIUM N/A
Cross-site scripting (XSS) vulnerability in admin/filebrowser.php in GetSimple CMS before 3.3.6 allows remote attackers to inject arbitrary web script or HTML via the func parameter.
CVE-2015-5355 1 Get-simple 1 Getsimple Cms 2018-10-30 4.3 MEDIUM N/A
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS before 3.3.6 allow remote attackers to inject arbitrary web script or HTML via the (1) post-content or (2) post-title parameter to admin/edit.php.
CVE-2018-15843 1 Get-simple 1 Getsimple Cms 2018-10-17 3.5 LOW 4.8 MEDIUM
GetSimple CMS 3.3.14 has XSS via the admin/edit.php "Add New Page" field.
CVE-2018-9173 1 Get-simple 1 Getsimple Cms 2018-05-02 4.3 MEDIUM 6.1 MEDIUM
Cross-site scripting (XSS) vulnerability in admin/template/js/uploadify/uploadify.swf in GetSimple CMS 3.3.13 allows remote attackers to inject arbitrary web script or HTML, as demonstrated by the movieName parameter.
CVE-2014-8723 1 Get-simple 1 Getsimple Cms 2017-03-20 5.0 MEDIUM 5.3 MEDIUM
GetSimple CMS 3.3.4 allows remote attackers to obtain sensitive information via a direct request to (1) plugins/anonymous_data.php or (2) plugins/InnovationPlugin.php, which reveals the installation path in an error message.