Browse all 14 CVE security advisories affecting Simplephpscripts. AI-powered Chinese analysis, POCs, and references for each vulnerability.
SimplePHPscripts develops lightweight PHP web applications for small businesses and personal websites, focusing on content management and e-commerce solutions. Historically, the software has been vulnerable to multiple remote code execution flaws, cross-site scripting (XSS), and privilege escalation vulnerabilities, often stemming from insufficient input validation and insecure authentication mechanisms. With 14 CVEs recorded, these issues have allowed attackers to execute arbitrary code, steal session cookies, and gain unauthorized administrative access. While no major public security incidents have been documented, the consistent pattern of vulnerabilities suggests a need for improved security practices in development and regular patching for deployed instances.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2021-47919 | Simple CMS 2.1 Non-Persistent Cross-Site Scripting via Preview Parameter — Simple CMSCWE-79 | 6.4 | Medium | 2026-02-01 |
| CVE-2021-47917 | Simple CMS 2.1 Persistent Cross-Site Scripting via User Input Parameters — Simple CMSCWE-79 | 6.4 | Medium | 2026-02-01 |
| CVE-2021-47918 | Simple CMS 2.1 SQL Injection Vulnerability via Users Module — Simple CMSCWE-89 | 8.1 | High | 2026-02-01 |
This page lists every published CVE security advisory associated with Simplephpscripts. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.