CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions. NOTE: the vendor reportedly has stated this is "a feature, not a...
7.2CVSS
7.1AI Score
0.052EPSS
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_title parameter. Someone must login to conduct the...
5.4CVSS
5.4AI Score
0.001EPSS
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_content parameter. Someone must login to conduct the...
5.4CVSS
5.4AI Score
0.001EPSS
XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_summary parameter. Someone must login to conduct the...
5.4CVSS
5.4AI Score
0.001EPSS
Cross-Site Scripting (XSS) vulnerability in cmsmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload injected into the Database Name, DataBase User or Database Port...
6.1CVSS
5.8AI Score
0.001EPSS
An issue in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload to the Content Manager Menu...
7.8CVSS
7.7AI Score
0.001EPSS
PHP remote file inclusion vulnerability in lang.php in CMS Made Simple 0.10 and earlier allows remote attackers to execute arbitrary PHP code via the nls[file][vx][vxsfx]...
7.7AI Score
0.071EPSS
SQL injection vulnerability in content_css.php in the TinyMCE module for CMS Made Simple 1.2.2 and earlier allows remote attackers to execute arbitrary SQL commands via the templateid...
8.4AI Score
0.108EPSS
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Page Specific Metadata and Smarty data parameters in the Content Manager Menu...
5.4CVSS
6.1AI Score
0.0004EPSS
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Top Directory parameter in the File Picker Menu...
5.4CVSS
6.1AI Score
0.0004EPSS
A File upload vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to upload a pdf file with hidden Cross Site Scripting...
5.4CVSS
5.8AI Score
0.0004EPSS
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu...
5.4CVSS
6.1AI Score
0.0004EPSS
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu...
5.4CVSS
6.1AI Score
0.0004EPSS
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the Manage Shortcuts...
5.4CVSS
6.1AI Score
0.0004EPSS
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profiles parameter in the Extensions -MicroTiny WYSIWYG editor...
5.4CVSS
6.1AI Score
0.0004EPSS
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user...
5.4CVSS
6.2AI Score
0.0004EPSS
Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Global Meatadata parameter in the Global Settings Menu...
5.4CVSS
6.1AI Score
0.0004EPSS
CMS Made Simple v2.2.17 is vulnerable to Remote Command Execution via the File Upload...
8.8CVSS
8.8AI Score
0.001EPSS
A Cross-site scripting (XSS) vulnerability in CMS Made Simple v2.2.17 allows remote attackers to inject arbitrary web script or HTML via the File Upload...
5.4CVSS
5.4AI Score
0.001EPSS
SQL Injection vulnerability in CMS Made Simple through 2.2.15 allows remote attackers to execute arbitrary commands via the m1_sortby parameter to...
8.8CVSS
9.3AI Score
0.001EPSS
File upload vulnerability in CMS Made Simple through 2.2.15 allows remote authenticated attackers to gain a webshell via a crafted phar...
7.2CVSS
6.7AI Score
0.002EPSS
CMS Made Simple <=2.2.15 is affected by SQL injection in modules/News/function.admin_articlestab.php. The $sortby variable is concatenated with $query1, but it is possible to inject arbitrary SQL language without using the...
8.8CVSS
9AI Score
0.003EPSS
An issue was discovered in CMS Made Simple 2.2.8. In the administrator page admin/changegroupperm.php, it is possible to send a crafted value in the sel_groups parameter that leads to authenticated object...
7.2CVSS
7.3AI Score
0.001EPSS
An issue was discovered in CMS Made Simple 2.2.8. In the module ModuleManager (in the file action.installmodule.php), it is possible to reach an unserialize call with untrusted input and achieve authenticated object injection by using the "install module"...
8.8CVSS
8.6AI Score
0.001EPSS
An issue was discovered in CMS Made Simple 2.2.8. In the module FilePicker, it is possible to reach an unserialize call with an untrusted parameter, and achieve authenticated object...
8.8CVSS
8.7AI Score
0.001EPSS
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in...
9.8CVSS
9.2AI Score
0.002EPSS
CMS Made Simple (CMSMS) before 2.2.5 does not properly cache login information in...
9.8CVSS
9.2AI Score
0.002EPSS
CMS Made Simple 2.1.6, 2.2, 2.2.1 are vulnerable to Smarty Template Injection in some core components, resulting in local file read before 2.2, and local file inclusion since...
7.8CVSS
7.5AI Score
0.0004EPSS
CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code...
9.8CVSS
9.8AI Score
0.002EPSS
In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via a CMSContentManager action to admin/moduleinterface.php, followed by a FilePicker action to admin/moduleinterface.php in which type=image is changed to...
4.9CVSS
4.8AI Score
0.001EPSS
In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via a FileManager action to...
4.9CVSS
4.9AI Score
0.001EPSS
In CMS Made Simple (CMSMS) through 2.2.7, the "file delete" operation in the admin dashboard contains an arbitrary file deletion vulnerability that can cause DoS, exploitable by an admin user, because the attacker can remove all lib/ files in all...
6.5CVSS
6.5AI Score
0.001EPSS
In CMS Made Simple (CMSMS) through 2.2.7, the "file move" operation in the admin dashboard contains an arbitrary file movement vulnerability that can cause DoS, exploitable by an admin user, because config.php can be moved into an incorrect...
2.7CVSS
4.3AI Score
0.001EPSS
CMS Made Simple (CMSMS) through 2.2.6 contains an admin password reset vulnerability because data values are improperly compared, as demonstrated by a hash beginning with the "0e"...
9.8CVSS
9.5AI Score
0.005EPSS
In CMS Made Simple (CMSMS) through 2.2.7, the "file rename" operation in the admin dashboard contains a sensitive information disclosure vulnerability, exploitable by an admin user, that can cause DoS by moving config.php to the upload/...
6.5CVSS
6.2AI Score
0.001EPSS
In CMS Made Simple (CMSMS) through 2.2.7, the "file unpack" operation in the admin dashboard contains a remote code execution vulnerability exploitable by an admin user because a .php file can be present in the extracted ZIP...
7.2CVSS
7.4AI Score
0.003EPSS
CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary file deletion vulnerability in the admin dashboard via directory traversal sequences in the val parameter within a cmd=del request, because code under modules\FilePicker does not restrict the val...
7.5CVSS
7.6AI Score
0.002EPSS
CMS Made Simple (CMSMS) through 2.2.6 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the eff_uid value within $_COOKIE[$this->_loginkey] to equal 1, because an SHA-1 cryptographic protection mechanism can be...
8.8CVSS
8.8AI Score
0.001EPSS
CMS Made Simple (CMSMS) through 2.2.7 allows physical path leakage via an invalid /index.php?page= value, a crafted URI starting with /index.php?mact=Search, or a direct request to /admin/header.php, /admin/footer.php, /lib/tasks/class.ClearCache.task.php, or...
5.3CVSS
5.1AI Score
0.001EPSS
CMS Made Simple (CMSMS) through 2.2.7 contains an arbitrary code execution vulnerability in the admin dashboard because the implementation uses "eval('function testfunction'.rand()" and it is possible to bypass certain restrictions on these "testfunction"...
7.2CVSS
7.3AI Score
0.001EPSS
CMS Made Simple (CMSMS) 2.2.7 contains a privilege escalation vulnerability from ordinary user to admin user by arranging for the eff_uid value within $_COOKIE[$this->_loginkey] to equal 1, because files in the tmp/ directory are accessible through HTTP requests. NOTE: this vulnerability exists....
8.8CVSS
8.8AI Score
0.001EPSS
In CMS Made Simple (CMSMS) through 2.2.7, the "module remove" operation in the admin dashboard contains an arbitrary file deletion vulnerability that can cause DoS, exploitable by an admin user, because the attacker can remove all lib/ files in all...
6.5CVSS
6.5AI Score
0.001EPSS
CMS Made Simple (CMSMS) through 2.2.7 contains a physical path leakage Vulnerability via /modules/DesignManager/action.ajax_get_templates.php, /modules/DesignManager/action.ajax_get_stylesheets.php, /modules/FileManager/dunzip.php, or...
5.3CVSS
5.1AI Score
0.001EPSS
CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_name parameter, related to moduledepends, a different vulnerability than...
4.8CVSS
4.9AI Score
0.001EPSS
8.8CVSS
8.6AI Score
0.001EPSS
CMS Made Simple (aka CMSMS) 2.2.7 has Reflected XSS in admin/moduleinterface.php via the m1_version...
4.8CVSS
4.9AI Score
0.001EPSS
CMS Made Simple (aka CMSMS) 2.2.7 has Stored XSS in admin/siteprefs.php via the metadata...
4.8CVSS
4.8AI Score
0.001EPSS
CMS Made Simple (CMSMS) through 2.2.6 allows PHP object injection because of an unserialize call in the _get_data function of \lib\classes\internal\class.LoginOperations.php. By sending a crafted cookie, a remote attacker can upload and execute code, or delete...
9.8CVSS
9.6AI Score
0.003EPSS
8.8CVSS
8.6AI Score
0.001EPSS
In CMS Made Simple (CMSMS) through 2.2.7, the "file view" operation in the admin dashboard contains a sensitive information disclosure vulnerability, exploitable by ordinary users, because the product exposes unrestricted access to the PHP file_get_contents...
4.9CVSS
5AI Score
0.001EPSS