Page 14 of 78 results (0.008 seconds)

CVSS: 5.0EPSS: 1%CPEs: 1EXPL: 2

Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a cms_language cookie. Vulnerabilidad de salto de directorio en admin/login.php en CMS Made Simple v1.4.1 permitiria a atacantes remotos leer ficheros a su eleccion a traves de .. (doble punto) en la cookie cms_language. • https://www.exploit-db.com/exploits/7285 http://secunia.com/advisories/32924 http://securityreason.com/securityalert/4775 http://www.securityfocus.com/bid/32535 http://www.vupen.com/english/advisories/2008/3306 https://exchange.xforce.ibmcloud.com/vulnerabilities/46942 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 7.5EPSS: 13%CPEs: 1EXPL: 2

Incomplete blacklist vulnerability in javaUpload.php in Postlet in the FileManager module in CMS Made Simple 1.2.4 and earlier allows remote attackers to execute arbitrary code by uploading a file with a name ending in (1) .jsp, (2) .php3, (3) .cgi, (4) .dhtml, (5) .phtml, (6) .php5, or (7) .jar, then accessing it via a direct request to the file in modules/FileManager/postlet/. Vulnerabilidad de lista negra incompleta en javaUpload.php de Postlet en el módulo FileManager de CMS Made Simple 1.2.4 y versiones anteriores permite a atacantes remotos ejecutar código de su elección mediante la subida de un fichero con un nombre finalizado en (1) .jsp, (2) .php3, (3) .cgi, (4) .dhtml, (5) .phtml, (6) .php5, o (7) .jar, entonces accede a través de una petición directa a el fichero en modules/FileManager/postlet/. • https://www.exploit-db.com/exploits/5600 http://blog.cmsmadesimple.org/2008/05/12/announcing-cms-made-simple-125 http://secunia.com/advisories/30208 http://www.attrition.org/pipermail/vim/2008-May/001978.html http://www.securityfocus.com/bid/29170 https://exchange.xforce.ibmcloud.com/vulnerabilities/42371 • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 5%CPEs: 1EXPL: 1

SQL injection vulnerability in content_css.php in the TinyMCE module for CMS Made Simple 1.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the templateid parameter. Vulnerabilidad de inyección SQL en content_css.php del módulo TinyMCE para CMS Made Simple 1.2.2 y versiones anteriores permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro templateid. • https://www.exploit-db.com/exploits/4810 http://blog.cmsmadesimple.org/2008/01/02/announcing-cms-made-simple-123 http://forum.cmsmadesimple.org/index.php/topic%2C18240.0.html http://osvdb.org/39788 http://secunia.com/advisories/28285 http://www.securityfocus.com/bid/27074 https://exchange.xforce.ibmcloud.com/vulnerabilities/39311 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 3.5EPSS: 0%CPEs: 1EXPL: 0

CMS Made Simple 1.1.3.1 does not check the permissions assigned to users who attempt uploads, which allows remote authenticated users to upload unspecified files via unknown vectors. CMS Made Simple 1.1.3.1 no comprueba los permisos asignados a los usuarios que intentan enviar archivos, lo cual permite a usuarios autenticados remotamente enviar archivos no especificados a través de vectores desconocidos. • http://securityreason.com/securityalert/3223 http://www.securityfocus.com/archive/1/481984/100/0/threaded • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0

CMS Made Simple 1.1.3.1 does not check the permissions assigned to users in some situations, which allows remote authenticated users to perform some administrative actions, as demonstrated by (1) adding a user via a direct request to admin/adduser.php and (2) reading the admin log via an "admin/adminlog.php?page=1" request. CMS Made Simple 1.1.3.1 no comprueba los permisos asignados a los usuarios en algunas situaciones, lo cual permite a usuarios remotos autenticados llevar a cabo algunas acciones administrativas, como se ha demostrado (1) añadiendo un usuario mediante una petición directa a admin/adduser.php y (2) leyendo el archivo de registro de administración mediante una petición "admin/adminlog.php?page=1". • http://blog.cmsmadesimple.org/2007/10/07/announcing-cms-made-simple-1141 http://osvdb.org/45481 http://securityreason.com/securityalert/3223 http://www.securityfocus.com/archive/1/481984/100/0/threaded • CWE-264: Permissions, Privileges, and Access Controls •