CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-47917

Simple CMS 2.1 contains a persistent cross-site scripting vulnerability in user input parameters that allows remote attackers to inject malicious script code. Attackers can exploit the newUser and editUser modules to inject persistent scripts that execute on user list preview, potentially leading to session hijacking and application manipulation.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 13.1%

CVSS Severity

CVSS v3 Score 6.4

References

https://simplephpscripts.com/simple-cms-php
https://www.vulncheck.com/advisories/simple-cms-persistent-cross-site-scripting-via-user-input-parameters
https://www.vulnerability-lab.com/get_content.php?id=2302

Products affected by CVE-2021-47917

Simplephpscripts » Simple Cms Php » Version: 2.1

cpe:2.3:a:simplephpscripts:simple_cms_php:2.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-47917

Products

Pricing

Contact Us