Show filters
17 Total Results
Displaying 1-10 of 17
Sort by:
Attacker Value
Unknown
CVE-2020-23481
Disclosure Date: September 22, 2021 (last updated February 23, 2025)
CMS Made Simple 2.2.14 was discovered to contain a cross-site scripting (XSS) vulnerability which allows attackers to execute arbitrary web scripts or HTML via a crafted payload in the Field Definition text field.
0
Attacker Value
Unknown
CVE-2020-22732
Disclosure Date: August 05, 2021 (last updated February 23, 2025)
CMS Made Simple (CMSMS) 2.2.14 allows stored XSS via the Extensions > Fie Picker..
0
Attacker Value
Unknown
CVE-2020-23241
Disclosure Date: July 26, 2021 (last updated February 23, 2025)
Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News > Article" feature.
0
Attacker Value
Unknown
CVE-2020-23240
Disclosure Date: July 26, 2021 (last updated February 23, 2025)
Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature.
0
Attacker Value
Unknown
CVE-2020-36416
Disclosure Date: July 02, 2021 (last updated February 22, 2025)
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Design" parameter under the "Designs" module.
0
Attacker Value
Unknown
CVE-2020-36410
Disclosure Date: July 02, 2021 (last updated February 22, 2025)
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Email address to receive notification of news submission" parameter under the "Options" module.
0
Attacker Value
Unknown
CVE-2020-36408
Disclosure Date: July 02, 2021 (last updated February 22, 2025)
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module.
0
Attacker Value
Unknown
CVE-2020-36413
Disclosure Date: July 02, 2021 (last updated February 22, 2025)
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter under the "Maintenance Mode" module.
0
Attacker Value
Unknown
CVE-2020-36409
Disclosure Date: July 02, 2021 (last updated February 22, 2025)
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module.
0
Attacker Value
Unknown
CVE-2020-36414
Disclosure Date: July 02, 2021 (last updated February 22, 2025)
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "URL (slug)" or "Extra" fields under the "Add Article" feature.
0
