Dustincowell

dustincowell

4 CVEs • 2 products

Products (2)

Click to collapse

Toggle

Free Simple Cms

free_simple_cms

Free Simple Software

free_simple_software

CVEs (4)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2010-4311 1Dustincowell 1Free Simple Software Apr 29, 2026 Nov 26, 2010 N/A· v4 N/A· v3 5.0 MEDIUM· v2 Free Simple Software 1.0 stores passwords in cleartext, which allows context-dependent attackers to obtain sensitive information.
CVE-2010-4298 1Dustincowell 1Free Simple Software Apr 29, 2026 Nov 26, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 SQL injection vulnerability in the download module in Free Simple Software 1.0 allows remote attackers to execute arbitrary SQL commands via the downloads_id parameter in a download_now action to index.php.
CVE-2010-3742 1Dustincowell 1Free Simple Cms Apr 29, 2026 Oct 5, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) meta or (2) phpincdir parameter, a different...Show more Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 allow remote attackers to execute arbitrary PHP code via a URL in the (1) meta or (2) phpincdir parameter, a different issue than CVE-2010-3307.Show less
CVE-2010-3307 1Dustincowell 1Free Simple Cms Apr 29, 2026 Oct 5, 2010 N/A· v4 N/A· v3 7.5 HIGH· v2 Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) body, (2) footer, (3) header, (4...Show more Multiple PHP remote file inclusion vulnerabilities in themes/default/index.php in Free Simple CMS 1.0 and earlier allow remote attackers to execute arbitrary PHP code via a URL in the (1) body, (2) footer, (3) header, (4) menu_left, or (5) menu_right parameter.Show less