Shodan
Vulnerabilities
Vulnerable Software
Cmsmadesimple:  >> Cms Made Simple  Security Vulnerabilities
CVE-2020-23241
Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via 'News > Article" feature.
CVSS Score
4.8
EPSS Score
0.005
Published
2021-07-26
CVE-2020-36416
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Design" parameter under the "Designs" module.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-07-02
CVE-2020-36408
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Shortcut" parameter under the "Manage Shortcuts" module.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-07-02
CVE-2020-36409
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Add Category" parameter under the "Categories" module.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-07-02
CVE-2020-36410
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Email address to receive notification of news submission" parameter under the "Options" module.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-07-02
CVE-2020-36411
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Path for the {page_image} tag:" or "Path for thumbnail field:" parameters under the "Content Editing Settings" module.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-07-02
CVE-2020-36412
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Search Text" field under the "Admin Search" module.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-07-02
CVE-2020-36413
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Exclude these IP addresses from the "Site Down" status" parameter under the "Maintenance Mode" module.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-07-02
CVE-2020-36414
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "URL (slug)" or "Extra" fields under the "Add Article" feature.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-07-02
CVE-2020-36415
A stored cross scripting (XSS) vulnerability in CMS Made Simple 2.2.14 allows authenticated attackers to execute arbitrary web scripts or HTML via a crafted payload entered into the "Create a new Stylesheet" parameter under the "Stylesheets" module.
CVSS Score
5.4
EPSS Score
0.005
Published
2021-07-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved