Security for everyone

CVE-2019-9915 Scanner

Detects 'Open Redirect' vulnerability in GetSimple CMS affects v. 3.3.13.

SCAN NOW

Short Info


Level

Medium

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 sec

Scan only one

Domain, Ipv4

Toolbox

-

GetSimple CMS is a Content Management System (CMS) designed to simplify the process of creating and managing websites. It’s a lightweight CMS, known for its ease of use, flexibility, and minimalistic interface. It’s an open-source software that has been in use since 2009. It’s based on PHP, and it stores its data in XML files instead of databases.

Recently, a vulnerability has been detected in GetSimple CMS, known as CVE-2019-9915. This vulnerability allows attackers to redirect users to malicious websites by manipulating the redirect parameter in the admin/index.php page. The attacker can exploit this vulnerability by crafting a malicious URL that appears to be legitimate, leading the user to believe they’re visiting a trusted website. Once the user clicks on the link, they’re redirected to a malicious site that can steal their sensitive information.

Exploiting this vulnerability can lead to a range of negative consequences. For instance, cybercriminals can use phishing attacks to trick users into sharing their login credentials, personal information, or financial data. This can result in identity theft, financial loss, and reputational damage. If the victim is a business, the attack could lead to downtime, diminished productivity, and lost revenue.

If you want to stay abreast of the latest vulnerabilities and security threats to your digital assets, you need a reliable source of information. Securityforeveryone.com provides a platform that delivers curated and personalized reports on the security posture of your company and its digital properties. With pro features such as automated scanning, alerts, and threat intelligence feeds, you can rest assured that your website is protected against known and unknown risks. Invest in your digital security today and secure your website with Securityforeveryone.com.

 

REFERENCES

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.
Try it yourself,
control security posture