Vendor
Castos
Products
2
CVEs
8
Across products
8
Status
Private
Products
2- 7 CVEs
- 1 CVE
Recent CVEs
8| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-45001 | Hig | 0.55 | 8.5 | 0.00 | Nov 6, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Castos Seriously Simple Stats allows SQL Injection.This issue affects Seriously Simple Stats: from n/a through 1.5.0. | |
| CVE-2024-25599 | Hig | 0.46 | 7.1 | 0.00 | Mar 28, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting.This issue affects Seriously Simple Podcasting: from n/a through <= 3.0.2. | |
| CVE-2025-49923 | Med | 0.38 | 5.9 | 0.00 | Oct 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows DOM-Based XSS.This issue affects Seriously Simple Podcasting: from n/a through <= 3.11.1. | |
| CVE-2025-46261 | Med | 0.38 | 5.9 | 0.00 | Apr 24, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Stored XSS.This issue affects Seriously Simple Podcasting: from n/a through <= 3.9.0. | |
| CVE-2025-66060 | Med | 0.34 | 5.3 | 0.00 | Nov 21, 2025 | Missing Authorization vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Seriously Simple Podcasting: from n/a through <= 3.13.0. | |
| CVE-2025-66059 | Med | 0.34 | 5.3 | 0.00 | Nov 21, 2025 | Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Retrieve Embedded Sensitive Data.This issue affects Seriously Simple Podcasting: from n/a through <= 3.13.0. | |
| CVE-2025-66061 | Med | 0.28 | 4.3 | 0.00 | Nov 21, 2025 | Cross-Site Request Forgery (CSRF) vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Cross Site Request Forgery.This issue affects Seriously Simple Podcasting: from n/a through <= 3.13.0. | |
| CVE-2025-62882 | Med | 0.28 | 4.3 | 0.00 | Oct 27, 2025 | Missing Authorization vulnerability in Craig Hewitt Seriously Simple Podcasting seriously-simple-podcasting allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Seriously Simple Podcasting: from n/a through <= 3.13.0. |