Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Fri, 3 Jul 2015 13:27:27 +0530
From: Anirudh Anand <>
Subject: CVE Request: GetSimple CMS: Multiple Stored XSS


GetSimple <> is a stand-a-alone, fully independent
and lite Content Management System.

Recently I found that Getsimple CMS is vulnerable to Stored Cross site
scripting attack.


While creating a new page, give the page title as
*new"onmouseover="alert(1)";* and in the content, give *<svg
onload="alert(10)">*. Now save it and then go to *pages.php* and then hover
the mouse over the cross mark (which is used to delete the post). You can
see that XSS is triggered.

Now, go to *backups.php* and hover the mouse over it and again you can see
the XSS triggered. Now open the backup and you can see that *<svg>* is
triggered there. But since there is regex checking in the main pages, the
*<svg>* won't get triggered in the main page.

Any normal user has the ability to add new pages and each time when a post
is saved, it gets automatically saved into *backups.php*

*Date of reporting:* 3rd July, 2015

*Exploit Author:* Anirudh Anand

*Vendor Homepage*:

*Software Link:*

*Version affected: *Possibly all version <= 3.3.5

*Tested on:* Linux:- Ubuntu, Debian, PHP - 5.5

The issue has been reported to the vendor:

Is it possible to assign CVE identifier for the same ?

Thank you,


Anirudh Anand

*"Those who Say it cannot be done, should not interrupt the people doing

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ