Vulnerabilities (CVE)

Filtered by vendor Get-simple Subscribe

Filtered by product Getsimplecms

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2023-6188	1 Get-simple	1 Getsimplecms	2023-11-25	N/A	9.8 CRITICAL
A vulnerability was found in GetSimpleCMS 3.3.16/3.4.0a. It has been rated as critical. This issue affects some unknown processing of the file /admin/theme-edit.php. The manipulation leads to code injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-245735.
CVE-2020-18191	1 Get-simple	1 Getsimplecms	2020-10-13	6.4 MEDIUM	9.1 CRITICAL
GetSimpleCMS-3.3.15 is affected by directory traversal. Remote attackers are able to delete arbitrary files via /GetSimpleCMS-3.3.15/admin/log.php