Shodan
Vulnerabilities
Vulnerable Software
Get-Simple:  Security Vulnerabilities
CVE-2022-41544
GetSimple CMS v3.3.16 was discovered to contain a remote code execution (RCE) vulnerability via the edited_file parameter in admin/theme-edit.php.
CVSS Score
9.8
EPSS Score
0.638
Published
2022-10-18
CVE-2022-1503
A vulnerability, which was classified as problematic, has been found in GetSimple CMS. Affected by this issue is the file /admin/edit.php of the Content Module. The manipulation of the argument post-content with an input like <script>alert(1)</script> leads to cross site scripting. The attack may be launched remotely but requires authentication. Expoit details have been disclosed within the advisory.
CVSS Score
3.5
EPSS Score
0.002
Published
2022-04-27
CVE-2021-36601
GetSimpleCMS 3.3.16 contains a cross-site Scripting (XSS) vulnerability, where Function TSL does not filter check settings.php Website URL: "siteURL" parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-08-10
CVE-2020-21353
A stored cross site scripting (XSS) vulnerability in /admin/snippets.php of GetSimple CMS 3.4.0a allows attackers to execute arbitrary web scripts or HTML via crafted payload in the Edit Snippets module.
CVSS Score
5.4
EPSS Score
0.003
Published
2021-08-06
CVE-2020-18660
GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter.
CVSS Score
6.1
EPSS Score
0.003
Published
2021-06-23
CVE-2020-18657
Cross Site Scripting (XSS) vulnerability in GetSimpleCMS <= 3.3.15 in admin/changedata.php via the redirect_url parameter and the headers_sent function.
CVSS Score
6.1
EPSS Score
0.004
Published
2021-06-23
CVE-2020-18658
Cross Site Scriptiong (XSS) vulnerability in GetSimpleCMS <=3.3.15 via the timezone parameter to settings.php.
CVSS Score
6.1
EPSS Score
0.005
Published
2021-06-23
CVE-2020-18659
Cross Site Scripting vulnerability in GetSimpleCMS <=3.3.15 via the (1) sitename, (2) username, and (3) email parameters to /admin/setup.php
CVSS Score
6.1
EPSS Score
0.004
Published
2021-06-23
CVE-2020-20389
Cross Site Scripting (XSS) vulnerability in GetSimpleCMS 3.4.0a in admin/edit.php.
CVSS Score
4.8
EPSS Score
0.003
Published
2021-06-23
CVE-2020-20391
Cross Site Scripting vulnerability in GetSimpleCMS 3.4.0a in admin/snippets.php via (1) Add Snippet and (2) Save snippets.
CVSS Score
5.4
EPSS Score
0.003
Published
2021-06-23


Products
Pricing
Contact Us

Shodan ® - All rights reserved