| CVE-2017-16783 | Cri | 0.67 | 9.8 | 0.10 | | Nov 10, 2017 | In CMS Made Simple 2.1.6, there is Server-Side Template Injection via the cntnt01detailtemplate parameter. |
| CVE-2017-6070 | Cri | 0.64 | 9.8 | 0.01 | | Feb 21, 2017 | CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to execute PHP code via the cntnt01fbrp_forma_form_template parameter in admin_store_form. |
| CVE-2017-8912 | Hig | 0.50 | 7.2 | 0.04 | | May 12, 2017 | CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions. NOTE: the vendor reportedly has stated this is "a feature, not a bug. |
| CVE-2017-16784 | Med | 0.40 | 6.1 | 0.00 | | Nov 10, 2017 | In CMS Made Simple 2.2.2, there is Reflected XSS via the cntnt01detailtemplate parameter. |
| CVE-2017-16798 | Med | 0.35 | 5.4 | 0.01 | | Nov 12, 2017 | In CMS Made Simple 2.2.3.1, the is_file_acceptable function in modules/FileManager/action.upload.php only blocks file extensions that begin or end with a "php" substring, which allows remote attackers to bypass intended access restrictions or trigger XSS via other extensions, as demonstrated by .phtml, .pht, .html, or .svg. |
| CVE-2017-7257 | Med | 0.35 | 5.4 | 0.00 | | Mar 24, 2017 | XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_content parameter. Someone must login to conduct the attack. |
| CVE-2017-7256 | Med | 0.35 | 5.4 | 0.00 | | Mar 24, 2017 | XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_summary parameter. Someone must login to conduct the attack. |
| CVE-2017-7255 | Med | 0.35 | 5.4 | 0.00 | | Mar 24, 2017 | XSS exists in the CMS Made Simple (CMSMS) 2.1.6 "Content-->News-->Add Article" feature via the m1_title parameter. Someone must login to conduct the attack. |
| CVE-2017-6556 | Med | 0.35 | 5.4 | 0.00 | | Mar 9, 2017 | Cross-site scripting (XSS) vulnerability in CMS Made Simple (CMSMS) 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the "adminpage > sitesetting > General Settings > globalmetadata" field. |
| CVE-2017-6555 | Med | 0.35 | 5.4 | 0.00 | | Mar 9, 2017 | Cross-site scripting (XSS) vulnerability in /admin/moduleinterface.php in CMS Made Simple 2.1.6 allows remote authenticated users to inject arbitrary web script or HTML via the m1_description parameter (aka "Design Manager > Categories > Category Description"). |
| CVE-2017-6072 | Med | 0.34 | 5.3 | 0.00 | | Feb 21, 2017 | CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via defaultadmin. |
| CVE-2017-6071 | Med | 0.34 | 5.3 | 0.00 | | Feb 21, 2017 | CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via exportxml. |
| CVE-2016-2784 | Med | 0.34 | 4.7 | 0.06 | | May 26, 2016 | CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty Cache is activated, allow remote attackers to conduct cache poisoning attacks, modify links, and conduct cross-site scripting (XSS) attacks via a crafted HTTP Host header in a request. |
| CVE-2017-11405 | Med | 0.32 | 4.9 | 0.00 | | Jul 18, 2017 | In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via a CMSContentManager action to admin/moduleinterface.php, followed by a FilePicker action to admin/moduleinterface.php in which type=image is changed to type=file. |
| CVE-2017-11404 | Med | 0.32 | 4.9 | 0.00 | | Jul 18, 2017 | In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via a FileManager action to admin/moduleinterface.php. |
| CVE-2007-5056 | | 0.10 | — | 0.82 | | Sep 24, 2007 | Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter. |
| CVE-2008-5642 | | 0.04 | — | 0.10 | | Dec 17, 2008 | Directory traversal vulnerability in admin/login.php in CMS Made Simple 1.4.1 allows remote attackers to read arbitrary files via a .. (dot dot) in a cms_language cookie. |
| CVE-2008-2267 | | 0.04 | — | 0.11 | | May 16, 2008 | Incomplete blacklist vulnerability in javaUpload.php in Postlet in the FileManager module in CMS Made Simple 1.2.4 and earlier allows remote attackers to execute arbitrary code by uploading a file with a name ending in (1) .jsp, (2) .php3, (3) .cgi, (4) .dhtml, (5) .phtml, (6) .php5, or (7) .jar, then accessing it via a direct request to the file in modules/FileManager/postlet/. |
| CVE-2014-0334 | | 0.03 | — | 0.01 | | Mar 2, 2014 | Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple allow remote authenticated users to inject arbitrary web script or HTML via (1) the group parameter to admin/addgroup.php, (2) the htmlblob parameter to admin/addhtmlblob.php, the (3) title or (4) url parameter to admin/addbookmark.php, (5) the stylesheet_name parameter to admin/copystylesheet.php, (6) the template_name parameter to admin/copytemplate.php, the (7) title or (8) url parameter to admin/editbookmark.php, (9) the template parameter to admin/listtemplates.php, or (10) the css_name parameter to admin/listcss.php, a different issue than CVE-2014-2092. |
| CVE-2010-3884 | | 0.03 | — | 0.00 | | Oct 8, 2010 | Cross-site request forgery (CSRF) vulnerability in CMS Made Simple 1.8.1 and earlier allows remote attackers to hijack the authentication of administrators for requests that reset the administrative password. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. |
