NotCVE - vendor:"Cmsmadesimple" product:"Cms Made Simple" version:"1.11.10"

Page 5 of 43 results (0.004 seconds)

CVSS: 4.7EPSS: 6%CPEs: 80EXPL: 2

CVE-2016-2784 – CMS Made Simple < 1.12.1 / < 2.1.3 - Web Server Cache Poisoning

https://notcve.org/view.php?id=CVE-2016-2784

03 May 2016 — CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty Cache is activated, allow remote attackers to conduct cache poisoning attacks, modify links, and conduct cross-site scripting (XSS) attacks via a crafted HTTP Host header in a request. CMS Made Simple 2.x en versiones anteriores a 2.1.3 y 1.x en versiones anteriores a 1.12.2, cuando está activada la Smarty Cache, permiten a atacantes remotos llevar a cabo ataques de envenenamiento de la caché, modificar enlaces y llevar a cabo ataques de se... • https://packetstorm.news/files/id/136897 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2

CVE-2014-2092

https://notcve.org/view.php?id=CVE-2014-2092

02 Mar 2014 — Cross-site scripting (XSS) vulnerability in lib/filemanager/ImageManager/editorFrame.php in CMS Made Simple 1.11.10 allows remote attackers to inject arbitrary web script or HTML via the action parameter, a different issue than CVE-2014-0334. NOTE: the original disclosure also reported issues that may not cross privilege boundaries. Vulnerabilidad de XSS en lib/filemanager/ImageManager/editorFrame.php en CMS Made Simple 1.11.10 permite a atacantes remotos inyectar script Web o HTML arbitrarios a través del ... • http://packetstormsecurity.com/files/125353/CMSMadeSimple-1.11.10-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 6.1EPSS: 0%CPEs: 29EXPL: 0

CVE-2005-2392

https://notcve.org/view.php?id=CVE-2005-2392

27 Jul 2005 — Cross-site scripting (XSS) vulnerability in index.php for CMSimple 2.4 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in the search function. Vulnerabilidad de secuencia de comandos en sitios cruzados en index.php para CMSSimple 2.4 y anteriores permite que atacantes remotos inyecten script web arbitrario o HTML mediante el parámetro "search" en la función de búsqueda. • http://lostmon.blogspot.com/2005/07/cmsimple-search-variable-xss.html •

1...3 4 5