Simple Cms
Approved changes feed: RSS · Atom
cpe:2.3:a:phpjabbers:simple_cms:*:*:*:*:*:*:*:*
part: a version: * update: *
| Vendor | Phpjabbers (2f919538-31c8-5cbb-b18c-c6079deaeb0d) |
|---|---|
| Product | Simple Cms (030fc739-0b2b-5255-9372-7222f12e3450) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2023-53927 |
vulnerable | 2026-06-03 14:53:46.024108 |
PHPJabbers Simple CMS 5.0 Stored Cross-Site Scripting via Section Creation
MEDIUM (5.4)
PHPJabbers Simple CMS 5.0 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through section name parameters. Attackers can create sections with embedded JavaScript payloads that will execute when administrators view the sections, potentially enabling client-side code execution.
Published: 2025-12-17T22:44:56.392Z
Updated: 2026-04-07T14:07:48.454Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2023-53926 |
vulnerable | 2026-06-03 14:53:46.021065 |
PHPJabbers Simple CMS 5.0 SQL Injection via Column Parameter
CRITICAL (9.8)
PHPJabbers Simple CMS 5.0 contains a SQL injection vulnerability in the 'column' parameter that allows remote attackers to manipulate database queries. Attackers can inject crafted SQL payloads through the 'column' parameter in the index.php endpoint to potentially extract or modify database information.
Published: 2025-12-17T22:44:55.873Z
Updated: 2026-04-07T14:07:47.728Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.