Show filters
5 Total Results
Displaying 1-5 of 5
Sort by:
Attacker Value
Unknown

CVE-2019-11226

Disclosure Date: June 05, 2019 (last updated November 27, 2024)
CMS Made Simple 2.2.10 has XSS via the m1_name parameter in "Add Article" under Content -> Content Manager -> News.
0
0
Attacker Value
Unknown

CVE-2019-10107

Disclosure Date: March 26, 2019 (last updated November 27, 2024)
CMS Made Simple 2.2.10 has XSS via the myaccount.php "Email Address" field, which is reachable via the "My Preferences -> My Account" section.
0
0
Attacker Value
Unknown

CVE-2019-10106

Disclosure Date: March 26, 2019 (last updated November 27, 2024)
CMS Made Simple 2.2.10 has XSS via the 'moduleinterface.php' Name field, which is reachable via an "Add Category" action to the "Site Admin Settings - News module" section.
0
0
Attacker Value
Unknown

CVE-2019-10105

Disclosure Date: March 26, 2019 (last updated November 27, 2024)
CMS Made Simple 2.2.10 has a Self-XSS vulnerability via the Layout Design Manager "Name" field, which is reachable via a "Create a new Template" action to the Design Manager.
0
0
Attacker Value
Unknown

CVE-2019-10017

Disclosure Date: March 24, 2019 (last updated November 27, 2024)
CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, which is reachable via an "Add a new Profile" action to the File Picker.
0
0