Show filters
44 Total Results
Displaying 41-44 of 44
Sort by:
Attacker Value
Unknown
CVE-2013-7243
Disclosure Date: January 17, 2014 (last updated October 05, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1.2 and 3.2.3 allow remote attackers to inject arbitrary web script or HTML via the (1) post-menu field to edit.php or (2) Display name field to settings.php. NOTE: The Custom Permalink Structure and Email Address fields are already covered by CVE-2012-6621.
0
Attacker Value
Unknown
CVE-2012-6621
Disclosure Date: January 16, 2014 (last updated October 05, 2023)
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1, 3.1.2, 3.2.3, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Email Address or (2) Custom Permalink Structure fields in admin/settings.php; (3) path parameter to admin/upload.php; (4) err parameter to admin/theme.php; (5) error parameter to admin/pages.php; or (6) success or (7) err parameter to admin/index.php.
0
Attacker Value
Unknown
CVE-2010-5052
Disclosure Date: November 23, 2011 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in admin/components.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the val[] parameter.
0
Attacker Value
Unknown
CVE-2010-4863
Disclosure Date: October 05, 2011 (last updated October 04, 2023)
Cross-site scripting (XSS) vulnerability in admin/changedata.php in GetSimple CMS 2.01 allows remote attackers to inject arbitrary web script or HTML via the post-title parameter.
0
