Cagintranetworks

cagintranetworks

2 CVEs • 1 product

Products (1)

Click to collapse

Toggle

Getsimple Cms

getsimple_cms

2 CVEs

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2017-8081 1Cagintranetworks 1Getsimple Cms May 13, 2026 Apr 30, 2017 N/A· v4 8.8 HIGH· v3 6.8 MEDIUM· v2 Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3.13 allows a network attacker to escalate privileges to an arbitrary user or conduct CSRF attacks via calculation of a sessio...Show more Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3.13 allows a network attacker to escalate privileges to an arbitrary user or conduct CSRF attacks via calculation of a session cookie or CSRF nonce.Show less
CVE-2014-8790 2Cagintranetworks Get Simple 2Getsimple Cms Getsimple Cms May 6, 2026 Jan 20, 2015 N/A· v4 N/A· v3 5.0 MEDIUM· v2 XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 through 3.3.x before 3.3.5 Beta 1, when in certain configurations, allows remote attackers to read arbitrary files via the data parameter.

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2017-8081

1Cagintranetworks

1Getsimple Cms

May 13, 2026

Apr 30, 2017

N/A· v4

8.8 HIGH· v3

6.8 MEDIUM· v2

Poor cryptographic salt initialization in admin/inc/template_functions.php in GetSimple CMS 3.3.13 allows a network attacker to escalate privileges to an arbitrary user or conduct CSRF attacks via calculation of a sessio...Show more

CVE-2014-8790

2Cagintranetworks

Get Simple

2Getsimple Cms

Getsimple Cms

May 6, 2026

Jan 20, 2015

N/A· v4

N/A· v3

5.0 MEDIUM· v2

XML external entity (XXE) vulnerability in admin/api.php in GetSimple CMS 3.1.1 through 3.3.x before 3.3.5 Beta 1, when in certain configurations, allows remote attackers to read arbitrary files via the data parameter.