CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-19421

In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but Internet Explorer render HTML elements in a .eml file, because of admin/upload-uploadify.php, and validate_safe_file in admin/inc/security_functions.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.002

EPSS Ranking 44.8%

CVSS Severity

CVSS v3 Score 3.8

CVSS v2 Score 4.0

References

https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1301
https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1301

Products affected by CVE-2018-19421

Get-Simple » Getsimple Cms » Version: 3.3.15

cpe:2.3:a:get-simple:getsimple_cms:3.3.15

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-19421

Products

Pricing

Contact Us