CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36416
https://notcve.org/view.php?id=CVE-2020-36416
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Design" parameter under the "Designs" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el parámetro "Create a new Design" en el módul... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36415
https://notcve.org/view.php?id=CVE-2020-36415
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Stylesheet" parameter under the "Stylesheets" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el parámetro "Create a new Stylesheet"... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36414
https://notcve.org/view.php?id=CVE-2020-36414
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "URL (slug)" or "Extra" fields under the "Add Article" feature. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en los campos "URL (slug)" o "Extra" en la fu... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36413
https://notcve.org/view.php?id=CVE-2020-36413
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter under the "Maintenance Mode" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36412
https://notcve.org/view.php?id=CVE-2020-36412
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Search Text" field under the "Admin Search" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el campo "Search Text" del módulo "Admin Search" • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36411
https://notcve.org/view.php?id=CVE-2020-36411
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Path for the {page_image} tag:" or "Path for thumbnail field:" parameters under the "Content Editing Settings" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada i... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36410
https://notcve.org/view.php?id=CVE-2020-36410
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Email address to receive notification of news submission" parameter under the "Options" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar script web o HTML arbitrarios por medio de una carga útil diseñada introducida en el paráme... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36409
https://notcve.org/view.php?id=CVE-2020-36409
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el parámetro "Add Category" del módulo "Categories... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.4EPSS: 0%CPEs: 1EXPL: 1CVE-2020-36408
https://notcve.org/view.php?id=CVE-2020-36408
02 Jul 2021 — A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module. Una vulnerabilidad de tipo cross site scripting (XSS) almacenada en CMS Made Simple versión 2.2.14, permite a atacantes autenticados ejecutar scripts web o HTML arbitrario por medio de una carga útil diseñada introducida en el parámetro "Add Shortcut" del módulo "Mana... • http://dev.cmsmadesimple.org/bug/view/12325 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 4.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-27377
https://notcve.org/view.php?id=CVE-2020-27377
01 Jun 2021 — A cross-site scripting (XSS) vulnerability was discovered in the Administrator panel on the 'Setting News' module on CMS Made Simple 2.2.14 which allows an attacker to execute arbitrary web scripts. Se ha detectado una vulnerabilidad de tipo cross-site scripting (XSS) en el panel del Administrador del módulo "Setting News" en CMS Made Simple versión 2.2.14, que permite a un atacante ejecutar scripts web arbitrarios • http://dev.cmsmadesimple.org/bug/view/12317 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •