Show filters
150 Total Results
Displaying 31-40 of 150
Sort by:
Attacker Value
Unknown
CVE-2020-36408
Disclosure Date: July 02, 2021 (last updated February 22, 2025)
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module.
0
Attacker Value
Unknown
CVE-2020-36413
Disclosure Date: July 02, 2021 (last updated February 22, 2025)
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter under the "Maintenance Mode" module.
0
Attacker Value
Unknown
CVE-2020-36409
Disclosure Date: July 02, 2021 (last updated February 22, 2025)
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module.
0
Attacker Value
Unknown
CVE-2020-36414
Disclosure Date: July 02, 2021 (last updated February 22, 2025)
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "URL (slug)" or "Extra" fields under the "Add Article" feature.
0
Attacker Value
Unknown
CVE-2020-36411
Disclosure Date: July 02, 2021 (last updated February 22, 2025)
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Path for the {page_image} tag:" or "Path for thumbnail field:" parameters under the "Content Editing Settings" module.
0
Attacker Value
Unknown
CVE-2020-36415
Disclosure Date: July 02, 2021 (last updated February 22, 2025)
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Stylesheet" parameter under the "Stylesheets" module.
0
Attacker Value
Unknown
CVE-2020-36412
Disclosure Date: July 02, 2021 (last updated February 22, 2025)
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Search Text" field under the "Admin Search" module.
0
Attacker Value
Unknown
CVE-2020-27377
Disclosure Date: June 01, 2021 (last updated February 22, 2025)
A cross-site scripting (XSS) vulnerability was discovered in the Administrator panel on the 'Setting News' module on CMS Made Simple 2.2.14 which allows an attacker to execute arbitrary web scripts.
0
Attacker Value
Unknown
CVE-2021-28935
Disclosure Date: March 30, 2021 (last updated February 22, 2025)
CMS Made Simple (CMSMS) 2.2.15 allows authenticated XSS via the /admin/addbookmark.php script through the Site Admin > My Preferences > Title field.
0
Attacker Value
Unknown
CVE-2020-20138
Disclosure Date: December 17, 2020 (last updated February 22, 2025)
Cross Site Scripting (XSS) vulnerability in the Showtime2 Slideshow module in CMS Made Simple (CMSMS) 2.2.4.
0
