← Back

Getsimple Cms

getsimple_cms

Vendor: Cagintranetworks • 2 CVEs

CVEs (2)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2017-8081
1Cagintranetworks
1Getsimple Cms
May 13, 2026
Apr 30, 2017
N/A· v4
8.8 HIGH· v3
6.8 MEDIUM· v2
Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3.13 allows a network attacker to escalate privileges to an arbitrary user or conduct CSRF attacks via calculation of a sessio...Show more
Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3.13 allows a network attacker to escalate privileges to an arbitrary user or conduct CSRF attacks via calculation of a session cookie or CSRF nonce.Show less
CVE-2014-8790
2Cagintranetworks
Get Simple
2Getsimple Cms
Getsimple Cms
May 6, 2026
Jan 20, 2015
N/A· v4
N/A· v3
5.0 MEDIUM· v2
XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 through 3.3.x before 3.3.5 Beta 1, when in certain configurations, allows remote attackers to read arbitrary files via the data parameter.