CVE-2016-2784

Опубликовано: 26 мая 2016

Источник: nvd

CVSS3: 4.7

CVSS2: 2.6

EPSS Низкий

Описание

CMS Made Simple 2.x before 2.1.3 and 1.x before 1.12.2, when Smarty Cache is activated, allow remote attackers to conduct cache poisoning attacks, modify links, and conduct cross-site scripting (XSS) attacks via a crafted HTTP Host header in a request.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.2:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.3:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.4:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.5:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.6:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.7:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.0.8:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.2:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.2:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.3:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.4:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.2.5:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.3.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.4:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.4.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.2:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.3:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.5.4:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.2:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.3:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.4:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.5:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.6:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.7:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.8:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.9:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.6.10:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.7:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.7.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.8:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.8.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.8.2:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9.2:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9.3:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9.4:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9.4.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9.4.2:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.9.4.3:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.10:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.10.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.10.2:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.10.3:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.2:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.2.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.3:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.4:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.5:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.6:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.7:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.8:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.9:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.10:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.11:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.12:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.11.13:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.12:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:1.12.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:2.0:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:2.0.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:2.0.1.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:2.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:2.1.1:*:*:*:*:*:*:*

cpe:2.3:a:cmsmadesimple:cms_made_simple:2.1.2:*:*:*:*:*:*:*

EPSS

Процентиль: 90%

0.06088

Низкий

4.7 Medium

CVSS3

2.6 Low

CVSS2

Дефекты

CWE-79

Связанные уязвимости

GHSA-m9ph-84w3-989x