CVE-2010-3882
published 2010-10-08CVE-2010-3882: Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1.7.1 and earlier allow remote attackers to inject arbitrary web script or HTML via…
PriorityP415medium4.3CVSS 2.0
AVNACMAuNCNIPAN
EPSS
0.84%
53.4th percentile
Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1.7.1 and earlier allow remote attackers to inject arbitrary web script or HTML via input to the (1) Add Pages, (2) Add Global Content, (3) Edit Global Content, (4) Add Article, (5) Add Category, (6) Add Field Definition, or (7) Add Shortcut module.
Affected
51 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cmsmadesimple | cms_made_simple | <= 1.7.1 | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
| cmsmadesimple | cms_made_simple | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-pc76-88h8-6rpp: In CMS Made Simple 2
ghsa_unreviewed·2022-05-17·CVSS 4.3
CVE-2017-16799 [MEDIUM] CWE-79 GHSA-pc76-88h8-6rpp: In CMS Made Simple 2
In CMS Made Simple 2.2.3.1, in modules/New/action.addcategory.php, stored XSS is possible via the m1_name parameter to admin/moduleinterface.php during addition of a category, a related issue to CVE-2010-3882.
GHSA
GHSA-g832-rf7j-9x9p: Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1
ghsa_unreviewed·2022-05-17
CVE-2010-3882 [MEDIUM] CWE-79 GHSA-g832-rf7j-9x9p: Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1
Multiple cross-site scripting (XSS) vulnerabilities in CMS Made Simple 1.7.1 and earlier allow remote attackers to inject arbitrary web script or HTML via input to the (1) Add Pages, (2) Add Global Content, (3) Edit Global Content, (4) Add Article, (5) Add Category, (6) Add Field Definition, or (7) Add Shortcut module.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2010-10-08
Published