CPE-8688E4CB-E576-475F-B876-77E8641057AC Détail

CPE Details

Cmsmadesimple CMS Made Simple 2.2.18

Vendor

cmsmadesimple

Product

cms_made_simple

Version

2.2.18

Created

2023-12-09
03h57 +00:00

Modifié

2023-12-09
03h57 +00:00

Liens officiels

CPE NVD

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Gestion des notifications

Liste des Notifications

Alerte pour un CPE

Restez informé de toutes modifications pour un CPE spécifique.

Paramètres

Vous pouvez spécifier un titre qui sera récupéré dans les alertes qui seront envoyées.

CPE ID

Planifications

Mois

Prochaine exécution calculée

Jour

Jour de la semaine

Heure

Minute

Date de création

Dernière exécution

Prochaine exécution

Fonctionnalité nécessitant une connexion

Cette fonctionnalité qui vous permet de recevoir des alertes, n'est active que lorsque vous êtes connecté à votre compte.

CPE Name: cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2.18:::::::*

Informations

Vendor

cmsmadesimple

Product

cms_made_simple

Version

2.2.18

Related CVE

Open and find in CVE List

CVE ID	Publié	Description	Score	Gravité
CVE-2023-43352	2023-10-25 22h00 +00:00	An issue in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload to the Content Manager Menu component.	7.8	Haute
CVE-2023-43360	2023-10-23 22h00 +00:00	Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Top Directory parameter in the File Picker Menu component.	5.4	Moyen
CVE-2023-43358	2023-10-22 22h00 +00:00	Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the News Menu component.	5.4	Moyen
CVE-2023-43353	2023-10-19 22h00 +00:00	Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the extra parameter in the news menu component.	5.4	Moyen
CVE-2023-43354	2023-10-19 22h00 +00:00	Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Profiles parameter in the Extensions -MicroTiny WYSIWYG editor component.	5.4	Moyen
CVE-2023-43355	2023-10-19 22h00 +00:00	Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the password and password again parameters in the My Preferences - Add user component.	5.4	Moyen
CVE-2023-43356	2023-10-19 22h00 +00:00	Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Global Meatadata parameter in the Global Settings Menu component.	5.4	Moyen
CVE-2023-43357	2023-10-19 22h00 +00:00	Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Title parameter in the Manage Shortcuts component.	5.4	Moyen
CVE-2023-43359	2023-10-18 22h00 +00:00	Cross Site Scripting vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted script to the Page Specific Metadata and Smarty data parameters in the Content Manager Menu component.	5.4	Moyen
CVE-2023-43872	2023-09-27 22h00 +00:00	A File upload vulnerability in CMSmadesimple v.2.2.18 allows a local attacker to upload a pdf file with hidden Cross Site Scripting (XSS).	5.4	Moyen
CVE-2023-43339	2023-09-24 22h00 +00:00	Cross-Site Scripting (XSS) vulnerability in cmsmadesimple v.2.2.18 allows a local attacker to execute arbitrary code via a crafted payload injected into the Database Name, DataBase User or Database Port components.	6.1	Moyen
CVE-2017-1000453	2018-01-02 17h00 +00:00	CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution.	9.8	Critique
CVE-2017-1000454	2018-01-02 17h00 +00:00	CMS Made Simple 2.1.6, 2.2, 2.2.1 are vulnerable to Smarty Template Injection in some core components, resulting in local file read before 2.2, and local file inclusion since 2.2.1	7.8	Haute
CVE-2014-0334	2014-03-02 16h00 +00:00	Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple allow remote authenticated users to inject arbitrary web script or HTML via (1) the group parameter to admin/addgroup.php, (2) the htmlblob parameter to admin/addhtmlblob.php, the (3) title or (4) url parameter to admin/addbookmark.php, (5) the stylesheet_name parameter to admin/copystylesheet.php, (6) the template_name parameter to admin/copytemplate.php, the (7) title or (8) url parameter to admin/editbookmark.php, (9) the template parameter to admin/listtemplates.php, or (10) the css_name parameter to admin/listcss.php, a different issue than CVE-2014-2092.	3.5
CVE-2007-5056	2007-09-24 20h00 +00:00	Eval injection vulnerability in adodb-perf-module.inc.php in ADOdb Lite 1.42 and earlier, as used in products including CMS Made Simple, SAPID CMF, Journalness, PacerCMS, and Open-Realty, allows remote attackers to execute arbitrary code via PHP sequences in the last_module parameter.	6.8

Cmsmadesimple CMS Made Simple 2.2.18

CPE Details

CPE Name: cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2.18:*:*:*:*:*:*:*

Informations

Vendor

Product

Version

Related CVE

CPE Name: cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2.18:::::::*