Unrated severityNVD Advisory· Published Mar 5, 2014· Updated Jun 17, 2026
CVE-2014-2245
CVE-2014-2245
Description
SQL injection vulnerability in the News module in CMS Made Simple (CMSMS) before 1.11.10 allows remote authenticated users with the "Modify News" permission to execute arbitrary SQL commands via the sortby parameter to admin/moduleinterface.php. NOTE: some of these details are obtained from third party information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
65cpe:2.3:a:cmsmadesimple:cms_made_simple:*:*:*:*:*:*:*:*+ 63 more
- cpe:2.3:a:cmsmadesimple:cms_made_simple:*:*:*:*:*:*:*:*range: <=1.11.9
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.10.4:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.12.2:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.13:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.3:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.4:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.5:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.5.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.6:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.6.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.6.2:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.6.3:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.7:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.7.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.7.2:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.7.3:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.8:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.8.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.8.2:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.9:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.9.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:0.9.2:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.10:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.10.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.10.2:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.10.3:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.2:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.3:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.4:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.5:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.6:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.7:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.8:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.4:*:*:*:*:*:*:*
- Range: <1.11.10
Patches
Vulnerability mechanics
References
4- dev.cmsmadesimple.org/project/changelog/4602nvdVendor Advisory
- secunia.com/advisories/56996nvdVendor Advisory
- seclists.org/oss-sec/2014/q1/467nvd
- www.securityfocus.com/bid/65953nvd
News mentions
0No linked articles in our index yet.