CVE-2019-10017
https://notcve.org/view.php?id=CVE-2019-10017
CMS Made Simple 2.2.10 has XSS via the moduleinterface.php Name field, which is reachable via an "Add a new Profile" action to the File Picker. CMS Made Simple 2.2.10 tiene Cross-Site Scripting (XSS) mediante el campo Name en moduleinterface.php, que es alcanzable mediante la acción "Add a new Profile" en el File Picker. • http://dev.cmsmadesimple.org/bug/view/12001 https://ctrsec.io/index.php/2019/03/24/cmsmadesimple-xss-filepicker • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2019-9692 – CMS Made Simple (CMSMS) Showtime2 - File Upload Remote Code Execution
https://notcve.org/view.php?id=CVE-2019-9692
class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG). class.showtime2_image.php en CMS Made Simple (CMSMS), en versiones anteriores a la 2.2.10, no garantiza que un archivo con marca de agua tenga una extensión de archivos estándar (GIF, JPG, JPEG o PNG). • https://www.exploit-db.com/exploits/46627 https://www.exploit-db.com/exploits/46546 http://packetstormsecurity.com/files/152269/CMS-Made-Simple-CMSMS-Showtime2-File-Upload-Remote-Command-Execution.html http://viewsvn.cmsmadesimple.org/diff.php?repname=showtime2&path=%2Ftrunk%2Flib%2Fclass.showtime2_image.php&rev=47 http://www.rapid7.com/db/modules/exploit/multi/http/cmsms_showtime2_rce https://forum.cmsmadesimple.org/viewtopic.php?f=1&t=80285 • CWE-434: Unrestricted Upload of File with Dangerous Type •
CVE-2019-9693
https://notcve.org/view.php?id=CVE-2019-9693
In CMS Made Simple (CMSMS) before 2.2.10, an authenticated user can achieve SQL Injection in class.showtime2_data.php via the functions _updateshow (parameter show_id), _inputshow (parameter show_id), _Getshowinfo (parameter show_id), _Getpictureinfo (parameter picture_id), _AdjustNameSeq (parameter shownumber), _Updatepicture (parameter picture_id), and _Deletepicture (parameter picture_id). En CMS Made Simple (CMSMS), en versiones anteriores a la 2.2.10, un usuario autenticado puede lograr una inyección SQL en class.showtime2_data.php mediante las funciones _updateshow (parámetro show_id), _inputshow (parámetro show_id), _Getshowinfo (parámetro show_id), _Getpictureinfo (parámetro picture_id), _AdjustNameSeq (parámetro shownumber), _Updatepicture (parámetro picture_id) y Deletepicture (parámetro picture_id). • http://viewsvn.cmsmadesimple.org/diff.php?repname=showtime2&path=%2Ftrunk%2Flib%2Fclass.showtime2_data.php&rev=47 https://forum.cmsmadesimple.org/viewtopic.php?f=1&t=80285 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2018-20464
https://notcve.org/view.php?id=CVE-2018-20464
There is a reflected XSS vulnerability in the CMS Made Simple 2.2.8 admin/myaccount.php. This vulnerability is triggered upon an attempt to modify a user's mailbox with the wrong format. The response contains the user's previously entered email address. Hay una vulnerabilidad de Cross-Site Scripting (XSS) reflejado en CMS Made Simple 2.2.8, en admin/myaccount.php. Esta vulnerabilidad se desencadena tras un intento de modificación de la bandeja de entrada de un usuario con el formato erróneo. • https://github.com/Xmansec/cmsms_vul • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-19597
https://notcve.org/view.php?id=CVE-2018-19597
CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a related issue to CVE-2017-16798. CMS Made Simple 2.2.8 permite Cross-Site Scripting (XSS) mediante un documento SVG manipulado. Este problema está relacionado con CVE-2017-16798. • https://github.com/security-breachlock/CVE-2018-19597/blob/master/cmssms.pdf • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •