CVE-2012-6621

Multiple cross-site scripting (XSS) vulnerabilities in GetSimple CMS 3.1, 3.1.2, 3.2.3, and earlier allow remote attackers to inject arbitrary web script or HTML via the (1) Email Address or (2) Custom Permalink Structure fields in admin/settings.php; (3) path parameter to admin/upload.php; (4) err parameter to admin/theme.php; (5) error parameter to admin/pages.php; or (6) success or (7) err parameter to admin/index.php.
Cross-site Scripting
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
4.3 UNKNOWN
NETWORK
MEDIUM
AV:N/AC:M/Au:N/C:N/I:P/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 63%
VendorProductVersion
get-simplegetsimple_cms
𝑥
≤ 3.2.3
get-simplegetsimple_cms
1.0
get-simplegetsimple_cms
1.1
get-simplegetsimple_cms
1.2
get-simplegetsimple_cms
1.3
get-simplegetsimple_cms
1.4
get-simplegetsimple_cms
1.5
get-simplegetsimple_cms
1.6
get-simplegetsimple_cms
1.7
get-simplegetsimple_cms
1.25
get-simplegetsimple_cms
1.71
get-simplegetsimple_cms
2.0
get-simplegetsimple_cms
2.01
get-simplegetsimple_cms
2.03
get-simplegetsimple_cms
2.03.1
get-simplegetsimple_cms
3.0
get-simplegetsimple_cms
3.1
get-simplegetsimple_cms
3.1.1
get-simplegetsimple_cms
3.1.2
get-simplegetsimple_cms
3.2
get-simplegetsimple_cms
3.2.1
get-simplegetsimple_cms
3.2.2
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://packetstormsecurity.com/files/124711
http://packetstormsecurity.org/files/112643/GetSimple-CMS-3.1-Cross-Site-Scripting.html
http://secunia.com/advisories/49137
http://www.securityfocus.com/bid/53501
http://www.vulnerability-lab.com/get_content.php?id=521
https://exchange.xforce.ibmcloud.com/vulnerabilities/75534
https://exchange.xforce.ibmcloud.com/vulnerabilities/75535
http://packetstormsecurity.com/files/124711
http://packetstormsecurity.org/files/112643/GetSimple-CMS-3.1-Cross-Site-Scripting.html
http://secunia.com/advisories/49137
http://www.securityfocus.com/bid/53501
http://www.vulnerability-lab.com/get_content.php?id=521
https://exchange.xforce.ibmcloud.com/vulnerabilities/75534
https://exchange.xforce.ibmcloud.com/vulnerabilities/75535