Peter Arts

#13032de 53,635

20.4CVSS total

Vulnerabilidades · 3

Média

2

Crítica

1

Cms Made Simple · Form Builder · CVE-2017-6070

**Name of the Vulnerable Software and Affected Versions** CMS Made Simple version 1.x Form Builder before version 0.8.1.6 **Description** The issue allows remote attackers to execute PHP code. This is achieved via the `cntnt01fbrp forma form template` parameter in the admin store form endpoint. **Recommendations** For CMS Made Simple version 1.x Form Builder before version 0.8.1.6, update to version 0.8.1.6 or later to resolve the issue.

Cms Made Simple · Form Builder · CVE-2017-6071

**Name of the Vulnerable Software and Affected Versions** CMS Made Simple version 1.x Form Builder before version 0.8.1.6 **Description** The issue allows remote attackers to conduct information-disclosure attacks via exportxml. **Recommendations** For CMS Made Simple version 1.x Form Builder before version 0.8.1.6, update to version 0.8.1.6 or later to resolve the issue.

Cms Made Simple · Cms Made Simple · CVE-2017-6072

**Name of the Vulnerable Software and Affected Versions** CMS Made Simple version 1.x Form Builder before version 0.8.1.6 **Description** The issue allows remote attackers to conduct information-disclosure attacks. This is possible via the default admin interface. **Recommendations** For CMS Made Simple version 1.x Form Builder before version 0.8.1.6, update to version 0.8.1.6 or later to resolve the issue.