CVE-2017-6072
https://notcve.org/view.php?id=CVE-2017-6072
CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via defaultadmin. CMS Made Simple versión 1.x Form Builder antes de la versión 0.8.1.6 permite a atacantes remotos llevar a cabo ataques de divulgación de información a través de defaultadmin. • http://dev.cmsmadesimple.org/project/files/69 https://daylight-it.com/security-advisory-dlcs0001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-6070
https://notcve.org/view.php?id=CVE-2017-6070
CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to execute PHP code via the cntnt01fbrp_forma_form_template parameter in admin_store_form. CMS Made Simple versión 1.x Form Builder antes de la versión 0.8.1.6 permite a atacantes remotos ejecutar código PHP a través del parámetro cntnt01fbrp_forma_form_template en admin_store_form. • http://dev.cmsmadesimple.org/project/files/69 https://daylight-it.com/security-advisory-dlcs0001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2017-6071
https://notcve.org/view.php?id=CVE-2017-6071
CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via exportxml. CMS Made Simple versión 1.x Form Builder antes de la versión 0.8.1.6 permite a atacantes remotos llevar a cabo ataques de divulgación de información a través de exportxml. • http://dev.cmsmadesimple.org/project/files/69 https://daylight-it.com/security-advisory-dlcs0001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •