Cmsmadesimple » Cms Made Simple : Security Vulnerabilities, CVEs, Published In 2018 (XSS)

CVE-2018-20464

There is a reflected XSS vulnerability in the CMS Made Simple 2.2.8 admin/myaccount.php. This vulnerability is triggered upon an attempt to modify a user's mailbox with the wrong format. The response contains the user's previously entered email address.
Max CVSS
6.1
EPSS Score
0.09%
Published
2018-12-25
Updated
2019-01-10

CVE-2018-19597

CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a related issue to CVE-2017-16798.
Max CVSS
4.8
EPSS Score
0.06%
Published
2018-12-19
Updated
2019-02-26

CVE-2018-18271

XSS exists in CMS Made Simple version 2.2.7 via the m1_extra parameter in an admin/moduleinterface.php "Content-->News-->Add Article" action.
Max CVSS
6.1
EPSS Score
0.06%
Published
2018-10-12
Updated
2018-11-28

CVE-2018-18270

XSS exists in CMS Made Simple version 2.2.7 via the m1_news_url parameter in an admin/moduleinterface.php "Content-->News-->Add Article" action.
Max CVSS
6.1
EPSS Score
0.06%
Published
2018-10-12
Updated
2018-11-28

CVE-2018-10033

CMS Made Simple (aka CMSMS) 2.2.7 has Stored XSS in admin/siteprefs.php via the metadata parameter.
Max CVSS
4.8
EPSS Score
0.06%
Published
2018-04-11
Updated
2018-04-13

CVE-2018-10032

CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_version parameter.
Max CVSS
4.8
EPSS Score
0.06%
Published
2018-04-11
Updated
2018-04-13

CVE-2018-10029

CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_name parameter, related to moduledepends, a different vulnerability than CVE-2017-16799.
Max CVSS
4.8
EPSS Score
0.06%
Published
2018-04-11
Updated
2018-04-13

CVE-2018-8058

CMS Made Simple (CMSMS) 2.2.6 has XSS in admin/moduleinterface.php via the pagedata parameter.
Max CVSS
4.8
EPSS Score
0.06%
Published
2018-03-12
Updated
2018-03-29

CVE-2018-7893

CMS Made Simple (CMSMS) 2.2.6 has stored XSS in admin/moduleinterface.php via the metadata parameter.
Max CVSS
4.8
EPSS Score
0.06%
Published
2018-03-12
Updated
2018-03-29

CVE-2018-5965

CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via the m1_errors parameter.
Max CVSS
4.8
EPSS Score
0.18%
Published
2018-01-25
Updated
2018-02-07

CVE-2018-5964

CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via the m1_messages parameter.
Max CVSS
4.8
EPSS Score
15.08%
Published
2018-01-25
Updated
2018-02-07

CVE-2018-5963

CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/addbookmark.php via the title parameter.
Max CVSS
4.8
EPSS Score
0.18%
Published
2018-01-25
Updated
2018-02-07
12 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close