CVE-2018-15564

Name of the Vulnerable Software and Affected Versions daveismyname simple-cms versions through 2014-03-11

Description The issue is related to a CSRF vulnerability. This vulnerability can be exploited to delete any page via the "admin/?delpage=8" endpoint, using the delpage variable.

Recommendations For versions through 2014-03-11, as a temporary workaround, consider restricting access to the "admin/?delpage=8" endpoint to minimize the risk of exploitation. Avoid using the delpage variable in the affected endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.