This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:cmsmadesimple:cms_made_simple:1.2
Detail
VendorCmsmadesimpleFirst view 2005-07-27
ProductCms Made SimpleLast view2018-04-13
Version1.2TypeApplication
Edition 
Language 
Update 
 
CPE Productcpe:/a:cmsmadesimple:cms_made_simple

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
6.52018-04-13CVE-2018-10086NetworkLowRequires ...
7.52018-04-13CVE-2018-10085NetworkLowNone Requ...
6.52018-04-13CVE-2018-10084NetworkLowRequires ...
6.42018-04-13CVE-2018-10083NetworkLowNone Requ...
52018-04-13CVE-2018-10082NetworkLowNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
52018-04-13CVE-2018-10081NetworkLowNone Requ...
3.52018-04-11CVE-2018-10033NetworkMediumRequires ...
3.52018-04-11CVE-2018-10032NetworkMediumRequires ...
6.82018-04-11CVE-2018-10031NetworkMediumNone Requ...
6.82018-04-11CVE-2018-10030NetworkMediumNone Requ...
3.52018-04-11CVE-2018-10029NetworkMediumRequires ...
4.62018-01-02CVE-2017-1000454LocalLowNone Requ...
7.52018-01-02CVE-2017-1000453NetworkLowNone Requ...
52017-12-18CVE-2017-17735NetworkLowNone Requ...
52017-12-18CVE-2017-17734NetworkLowNone Requ...
52017-02-21CVE-2017-6072NetworkLowNone Requ...
52017-02-21CVE-2017-6071NetworkLowNone Requ...
7.52017-02-21CVE-2017-6070NetworkLowNone Requ...
62017-01-16CVE-2016-7904NetworkMediumRequires ...
2.62016-05-26CVE-2016-2784NetworkHighNone Requ...
62014-03-05CVE-2014-2245NetworkMediumRequires ...
4.32013-10-11CVE-2013-4167NetworkMediumNone Requ...
3.52012-12-03CVE-2012-6064NetworkMediumRequires ...
6.82012-12-03CVE-2012-5450NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
25% (8)CWE-79Failure to Preserve Web Page Structure ('Cross-site Scripting')
19% (6)CWE-352Cross-Site Request Forgery (CSRF)
19% (6)CWE-200Information Exposure
9% (3)CWE-22Improper Limitation of a Pathname to a Restricted Directory ('Path ...
6% (2)CWE-89Improper Sanitization of Special Elements used in an SQL Command ('...
Hide | Show 5 More...
%idName
6% (2)CWE-74Failure to Sanitize Data into a Different Plane ('Injection')
3% (1)CWE-640Weak Password Recovery Mechanism for Forgotten Password
3% (1)CWE-310Cryptographic Issues
3% (1)CWE-284Access Control (Authorization) Issues
3% (1)CWE-94Failure to Control Generation of Code ('Code Injection')

Open Source Vulnerability Database (OSVDB)

idDescription
73150News Module for CMS Made Simple Unspecified Issue
68617CMS Made Simple lib/translation.functions.php default_cms_lang Parameter Trav...
65369CMS Made Simple Add Global Content Module URI XSS
65368CMS Made Simple Edit Global Content Module URI XSS
65367CMS Made Simple Add Article Module URI XSS
Hide | Show 9 More...
idDescription
65366CMS Made Simple Add Category Module URI XSS
65365CMS Made Simple Add Field Definition Module URI XSS
65364CMS Made Simple Add Shortcut Module URI XSS
65363CMS Made Simple Changes Group Permission Module CSRF
65362CMS Made Simple Add Pages Module URI XSS
65081CMS Made Simple Admin Password Manipulation CSRF
64606CMS Made Simple admin/editprefs.php date_format_string Parameter XSS
39788CMS Made Simple modules/TinyMCE/content_css.php templateid Parameter SQL Inje...
18128CMSimple search Function XSS

OpenVAS Exploits

idDescription
2010-07-14Name : CMS Made Simple 'default_cms_lang' Parameter Local File Include Vulnerability
File : nvt/gb_cms_made_simple_41565.nasl
2010-05-10Name : CMS Made Simple 'admin/editprefs.php' Cross-Site Scripting Vulnerability
File : nvt/gb_cms_made_simple_39997.nasl
2006-03-26Name : CMSimple index.php search XSS
File : nvt/cmsimple_search_xss.nasl

Nessus® Vulnerability Scanner

idDescription
2008-01-02Name : The remote web server contains a PHP script that is prone to a SQL injection ...
File : cmsmadesimple_templateid_sql_injection.nasl - Type : ACT_ATTACK
2005-09-14Name : The remote web server is hosting a PHP application that is affected by a cros...
File : cmsimple_search_xss.nasl - Type : ACT_ATTACK