CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-8790

XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 through 3.3.x before 3.3.5 Beta 1, when in certain configurations, allows remote attackers to read arbitrary files via the data parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.007

EPSS Ranking 70.1%

CVSS Severity

CVSS v2 Score 5.0

References

Products affected by CVE-2014-8790

Cagintranetworks » Getsimple Cms » Version: 3.3.3

cpe:2.3:a:cagintranetworks:getsimple_cms:3.3.3
Cagintranetworks » Getsimple Cms » Version: 3.3.4

cpe:2.3:a:cagintranetworks:getsimple_cms:3.3.4
Get-Simple » Getsimple Cms » Version: 3.1.1

cpe:2.3:a:get-simple:getsimple_cms:3.1.1
Get-Simple » Getsimple Cms » Version: 3.1.2

cpe:2.3:a:get-simple:getsimple_cms:3.1.2
Get-Simple » Getsimple Cms » Version: 3.2

cpe:2.3:a:get-simple:getsimple_cms:3.2
Get-Simple » Getsimple Cms » Version: 3.2.1

cpe:2.3:a:get-simple:getsimple_cms:3.2.1
Get-Simple » Getsimple Cms » Version: 3.2.2

cpe:2.3:a:get-simple:getsimple_cms:3.2.2
Get-Simple » Getsimple Cms » Version: 3.2.3

cpe:2.3:a:get-simple:getsimple_cms:3.2.3
Get-Simple » Getsimple Cms » Version: 3.3.0

cpe:2.3:a:get-simple:getsimple_cms:3.3.0
Get-Simple » Getsimple Cms » Version: 3.3.1

cpe:2.3:a:get-simple:getsimple_cms:3.3.1
Get-Simple » Getsimple Cms » Version: 3.3.2

cpe:2.3:a:get-simple:getsimple_cms:3.3.2

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2014-8790

Products

Pricing

Contact Us