CVE-2019-9053 – CMS Made Simple < 2.2.10 - SQL Injection
https://notcve.org/view.php?id=CVE-2019-9053
An issue was discovered in CMS Made Simple 2.2.8. It is possible with the News module, through a crafted URL, to achieve unauthenticated blind time-based SQL injection via the m1_idlist parameter. Se ha descubierto un problema en CMS Made Simple 2.2.8. En el módulo News, mediante una URL manipulada, es posible lograr una inyección SQL ciega basada en tiempo mediante el parámetro m1_idlist. CMS Made Simple versions prior to 2.2.10 suffer from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/46635 https://github.com/e-renna/CVE-2019-9053 https://github.com/Mahamedm/CVE-2019-9053-Exploit-Python-3 https://github.com/N3rdyN3xus/CVE-2019-9053 https://github.com/ELIZEUOPAIN/CVE-2019-9053-CMS-Made-Simple-2.2.10---SQL-Injection-Exploit https://github.com/davcwikla/CVE-2019-9053-exploit https://github.com/kahluri/CVE-2019-9053 https://github.com/fernandobortotti/CVE-2019-9053 https://github.com/byrek/CVE-2019-9053 https:/& • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2019-9693
https://notcve.org/view.php?id=CVE-2019-9693
In CMS Made Simple (CMSMS) before 2.2.10, an authenticated user can achieve SQL Injection in class.showtime2_data.php via the functions _updateshow (parameter show_id), _inputshow (parameter show_id), _Getshowinfo (parameter show_id), _Getpictureinfo (parameter picture_id), _AdjustNameSeq (parameter shownumber), _Updatepicture (parameter picture_id), and _Deletepicture (parameter picture_id). En CMS Made Simple (CMSMS), en versiones anteriores a la 2.2.10, un usuario autenticado puede lograr una inyección SQL en class.showtime2_data.php mediante las funciones _updateshow (parámetro show_id), _inputshow (parámetro show_id), _Getshowinfo (parámetro show_id), _Getpictureinfo (parámetro picture_id), _AdjustNameSeq (parámetro shownumber), _Updatepicture (parámetro picture_id) y Deletepicture (parámetro picture_id). • http://viewsvn.cmsmadesimple.org/diff.php?repname=showtime2&path=%2Ftrunk%2Flib%2Fclass.showtime2_data.php&rev=47 https://forum.cmsmadesimple.org/viewtopic.php?f=1&t=80285 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2019-9692 – CMS Made Simple (CMSMS) Showtime2 - File Upload Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-9692
class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG). class.showtime2_image.php en CMS Made Simple (CMSMS), en versiones anteriores a la 2.2.10, no garantiza que un archivo con marca de agua tenga una extensión de archivos estándar (GIF, JPG, JPEG o PNG). • https://www.exploit-db.com/exploits/46627 https://www.exploit-db.com/exploits/46546 http://packetstormsecurity.com/files/152269/CMS-Made-Simple-CMSMS-Showtime2-File-Upload-Remote-Command-Execution.html http://viewsvn.cmsmadesimple.org/diff.php?repname=showtime2&path=%2Ftrunk%2Flib%2Fclass.showtime2_image.php&rev=47 http://www.rapid7.com/db/modules/exploit/multi/http/cmsms_showtime2_rce https://forum.cmsmadesimple.org/viewtopic.php?f=1&t=80285 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2018-20464
https://notcve.org/view.php?id=CVE-2018-20464
There is a reflected XSS vulnerability in the CMS Made Simple 2.2.8 admin/myaccount.php. This vulnerability is triggered upon an attempt to modify a user's mailbox with the wrong format. The response contains the user's previously entered email address. Hay una vulnerabilidad de Cross-Site Scripting (XSS) reflejado en CMS Made Simple 2.2.8, en admin/myaccount.php. Esta vulnerabilidad se desencadena tras un intento de modificación de la bandeja de entrada de un usuario con el formato erróneo. • https://github.com/Xmansec/cmsms_vul • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-19597
https://notcve.org/view.php?id=CVE-2018-19597
CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a related issue to CVE-2017-16798. CMS Made Simple 2.2.8 permite Cross-Site Scripting (XSS) mediante un documento SVG manipulado. Este problema está relacionado con CVE-2017-16798. • https://github.com/security-breachlock/CVE-2018-19597/blob/master/cmssms.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •