Lucene search
MitreCVE-2014-1603HistoryMay 14, 2014 - 7:55 p.m.
CVE-2014-1603
2014-05-1419:55:10
CWE-79
mitre
web.nvd.nist.gov
37
cve-2014-1603
cross-site scripting
xss
getsimple cms
web script injection
html injection
nvd
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
60.8%
Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.3.1 allow remote attackers to inject arbitrary web script or HTML via the (1) param parameter to admin/load.php or (2) user, (3) email, or (4) name parameter in a Save Settings action to admin/settings.php.
Affected configurations
Node
get-simplegetsimple_cmsMatch3.3.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| get-simple | getsimple_cms | 3.3.1 | cpe:2.3:a:get-simple:getsimple_cms:3.3.1:*:*:*:*:*:*:* |
Related
exploitpack
exploitpack
GetSimple CMS 3.3.1 - Cross-Site Scripting
2014-10-12 00:00:00
exploitdb
exploitdb
GetSimple CMS 3.3.1 - Cross-Site Scripting
2014-10-12 00:00:00
packetstorm
packetstorm
GetSimple CMS 3.3.1 Cross Site Scripting
2014-05-13 00:00:00
prion
prion
Cross site scripting
2014-05-14 19:55:00
cvelist
cvelist
CVE-2014-1603
2014-05-14 19:00:00
nvd
nvd
CVE-2014-1603
2014-05-14 19:55:10
CVSS2
4.3
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
AI Score
5.8
Confidence
High
EPSS
0.002
Percentile
60.8%
Related for CVE-2014-1603