Cmsmadesimple » Cms Made Simple : Security Vulnerabilities, CVEs, Published In 2018 (XSS)
There is a reflected XSS vulnerability in the CMS Made Simple 2.2.8 admin/myaccount.php. This vulnerability is triggered upon an attempt to modify a user's mailbox with the wrong format. The response contains the user's previously entered email address.
Max CVSS
6.1
EPSS Score
0.09%
Published
2018-12-25
Updated
2019-01-10
CMS Made Simple 2.2.8 allows XSS via an uploaded SVG document, a related issue to CVE-2017-16798.
Max CVSS
4.8
EPSS Score
0.06%
Published
2018-12-19
Updated
2019-02-26
XSS exists in CMS Made Simple version 2.2.7 via the m1_extra parameter in an admin/moduleinterface.php "Content-->News-->Add Article" action.
Max CVSS
6.1
EPSS Score
0.06%
Published
2018-10-12
Updated
2018-11-28
XSS exists in CMS Made Simple version 2.2.7 via the m1_news_url parameter in an admin/moduleinterface.php "Content-->News-->Add Article" action.
Max CVSS
6.1
EPSS Score
0.06%
Published
2018-10-12
Updated
2018-11-28
CMS Made Simple (aka CMSMS) 2.2.7 has Stored XSS in admin/siteprefs.php via the metadata parameter.
Max CVSS
4.8
EPSS Score
0.06%
Published
2018-04-11
Updated
2018-04-13
CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_version parameter.
Max CVSS
4.8
EPSS Score
0.06%
Published
2018-04-11
Updated
2018-04-13
CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_name parameter, related to moduledepends, a different vulnerability than CVE-2017-16799.
Max CVSS
4.8
EPSS Score
0.06%
Published
2018-04-11
Updated
2018-04-13
CMS Made Simple (CMSMS) 2.2.6 has XSS in admin/moduleinterface.php via the pagedata parameter.
Max CVSS
4.8
EPSS Score
0.06%
Published
2018-03-12
Updated
2018-03-29
CMS Made Simple (CMSMS) 2.2.6 has stored XSS in admin/moduleinterface.php via the metadata parameter.
Max CVSS
4.8
EPSS Score
0.06%
Published
2018-03-12
Updated
2018-03-29
CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via the m1_errors parameter.
Max CVSS
4.8
EPSS Score
0.18%
Published
2018-01-25
Updated
2018-02-07
CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/moduleinterface.php via the m1_messages parameter.
Max CVSS
4.8
EPSS Score
15.08%
Published
2018-01-25
Updated
2018-02-07
CMS Made Simple (CMSMS) 2.2.5 has XSS in admin/addbookmark.php via the title parameter.
Max CVSS
4.8
EPSS Score
0.18%
Published
2018-01-25
Updated
2018-02-07
12 vulnerabilities found