3 results (0.008 seconds)

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1

CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via defaultadmin. CMS Made Simple versión 1.x Form Builder antes de la versión 0.8.1.6 permite a atacantes remotos llevar a cabo ataques de divulgación de información a través de defaultadmin. • http://dev.cmsmadesimple.org/project/files/69 https://daylight-it.com/security-advisory-dlcs0001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.8EPSS: 0%CPEs: 2EXPL: 1

CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to execute PHP code via the cntnt01fbrp_forma_form_template parameter in admin_store_form. CMS Made Simple versión 1.x Form Builder antes de la versión 0.8.1.6 permite a atacantes remotos ejecutar código PHP a través del parámetro cntnt01fbrp_forma_form_template en admin_store_form. • http://dev.cmsmadesimple.org/project/files/69 https://daylight-it.com/security-advisory-dlcs0001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.3EPSS: 0%CPEs: 2EXPL: 1

CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via exportxml. CMS Made Simple versión 1.x Form Builder antes de la versión 0.8.1.6 permite a atacantes remotos llevar a cabo ataques de divulgación de información a través de exportxml. • http://dev.cmsmadesimple.org/project/files/69 https://daylight-it.com/security-advisory-dlcs0001.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •