CVEDB API

Vulnerabilities

Vulnerable Software

Get-Simple: >> Getsimplecms >> 3.3.0 Security Vulnerabilities

CVE-2020-18660

GetSimpleCMS <=3.3.15 has an open redirect in admin/changedata.php via the redirect function to the url parameter.

CVSS Score

6.1

EPSS Score

0.003

Published

2021-06-23

CVE-2020-18657

Cross Site Scripting (XSS) vulnerability in GetSimpleCMS <= 3.3.15 in admin/changedata.php via the redirect_url parameter and the headers_sent function.

CVSS Score

6.1

EPSS Score

0.004

Published

2021-06-23

CVE-2020-18658

Cross Site Scriptiong (XSS) vulnerability in GetSimpleCMS <=3.3.15 via the timezone parameter to settings.php.

CVSS Score

6.1

EPSS Score

0.004

Published

2021-06-23

CVE-2020-18659

Cross Site Scripting vulnerability in GetSimpleCMS <=3.3.15 via the (1) sitename, (2) username, and (3) email parameters to /admin/setup.php

CVSS Score

6.1

EPSS Score

0.004

Published

2021-06-23

CVE-2021-28976

Remote Code Execution vulnerability in GetSimpleCMS before 3.3.16 in admin/upload.php via phar filess.

CVSS Score

7.2

EPSS Score

0.101

Published

2021-06-23

CVE-2021-28977

Cross Site Scripting vulnerability in GetSimpleCMS 3.3.16 in admin/upload.php by adding comments or jpg and other file header information to the content of xla, pages, and gzip files,

CVSS Score

4.8

EPSS Score

0.002

Published

2021-06-23

Page 1

Vulnerabilities

Vulnerable Software

Get-Simple: >> Getsimplecms >> 3.3.0 Security Vulnerabilities

Products

Pricing

Contact Us