| CVE-2017-6070 | Cri | 0.64 | 9.8 | 0.01 | | Feb 21, 2017 | CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to execute PHP code via the cntnt01fbrp_forma_form_template parameter in admin_store_form. |
| CVE-2017-6072 | Med | 0.34 | 5.3 | 0.00 | | Feb 21, 2017 | CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via defaultadmin. |
| CVE-2017-6071 | Med | 0.34 | 5.3 | 0.00 | | Feb 21, 2017 | CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to conduct information-disclosure attacks via exportxml. |
