Page 6 of 36 results (0.006 seconds)

CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1

cmsmadesimple version 2.2.7 contains a Incorrect Access Control vulnerability in the function of send_recovery_email in the line "$url = $config['admin_url'] . '/login.php?recoverme=' . $code;" that can result in Administrator Password Reset Poisoning, specifically a reset URL pointing at an attacker controlled server can be created by using a host header attack. cmsmadesimple 2.2.7 contiene una vulnerabilidad de control de acceso incorrecto en la función send_recovery_email en la línea "$url = $config['admin_url'] . '/login.php? • http://dev.cmsmadesimple.org/bug/view/11762 • CWE-732: Incorrect Permission Assignment for Critical Resource •

CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1

CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0e" substring. CMS Made Simple (CMSMS) hasta la versión 2.2.6 contiene una vulnerabilidad de restablecimiento de contraseña de administrador debido a que los valores de datos se comparan de forma incorrecta. Esto se demuestra con un hash que empieza con la subcadena "0e". • https://github.com/itodaro/cve/blob/master/README.md • CWE-640: Weak Password Recovery Mechanism for Forgotten Password •

CVSS: 7.2EPSS: 0%CPEs: 1EXPL: 1

CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary code execution vulnerability in the admin dashboard because the implementation uses "eval('function testfunction'.rand()" and it is possible to bypass certain restrictions on these "testfunction" functions. CMS Made Simple (CMSMS) hasta la versión 2.2.7 contiene una vulnerabilidad de ejecución de código arbitrario en el panel de administración debido a que la implementación emplea "eval('function testfunction'.rand()" y es posible omitir ciertas restricciones en estas funciones "testfunction". • https://github.com/itodaro/cve/blob/master/README.md • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary file deletion vulnerability in the admin dashboard via directory traversal sequences in the val parameter within a cmd=del request, because code under modules\FilePicker does not restrict the val parameter. CMS Made Simple (CMSMS) hasta la versión 2.2.7 contiene una vulnerabilidad de borrado de archivos arbitrarios en el panel admin mediante secuencias de salto de directorio en el parámetro val con una petición cmd=del. Esto se debe a que el código en modules\FilePicker no restringe el parámetro val. • https://github.com/itodaro/cve/blob/master/README.md • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 1

CMS Made Simple (CMSMS) through 2.2.7 allows physical path leakage via an invalid /index.php?page= value, a crafted URI starting with /index.php?mact=Search, or a direct request to /admin/header.php, /admin/footer.php, /lib/tasks/class.ClearCache.task.php, or /lib/tasks/class.CmsSecurityCheck.task.php. CMS Made Simple (CMSMS) hasta la versión 2.2.7 permite el filtrado de la ruta física mediante un valor /index.php?page= no válido, un URI manipulado que comience por /index.php? • https://github.com/itodaro/cve/blob/master/README.md • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •