CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2024-27625

CMS Made Simple Version 2.2.19 is vulnerable to Cross Site Scripting (XSS). This vulnerability resides in the File Manager module of the admin panel. Specifically, the issue arises due to inadequate sanitization of user input in the "New directory" field.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 12.4%

CVSS Severity

CVSS v3 Score 4.8

References

https://packetstormsecurity.com/files/177243/CMS-Made-Simple-2.2.19-Cross-Site-Scripting.html
https://packetstormsecurity.com/files/177243/CMS-Made-Simple-2.2.19-Cross-Site-Scripting.html

Products affected by CVE-2024-27625

Cmsmadesimple » Cms Made Simple » Version: 2.2.19

cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2.19

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2024-27625

Products

Pricing

Contact Us