Skip to main content

Simple Php Cms

3 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest
CVE-2025-15263 MEDIUM POC This Month

A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.

PHP SQLi Simple Php Cms
NVD VulDB
CVSS 4.0
5.5
EPSS
0.0%
CVE-2025-15262 LOW POC Monitor

A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing a manipulation of the argument image results in unrestricted upload. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.

PHP Authentication Bypass File Upload Simple Php Cms
NVD VulDB
CVSS 4.0
2.0
EPSS
0.1%
CVE-2025-15169 LOW POC Monitor

A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected by this issue is some unknown functionality of the file /admin/editsite.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

PHP SQLi Simple Php Cms
NVD VulDB
CVSS 4.0
2.0
EPSS
0.0%
CVE-2025-15263
EPSS 0% CVSS 5.5
MEDIUM POC This Month

A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected is an unknown function of the file /admin/login.php of the component Admin Login. Executing a manipulation of the argument Username can lead to sql injection. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks.

PHP SQLi Simple Php Cms
NVD VulDB
CVE-2025-15262
EPSS 0% CVSS 2.0
LOW POC Monitor

A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing a manipulation of the argument image results in unrestricted upload. Remote exploitation of the attack is possible. The exploit has been released to the public and may be used for attacks.

PHP Authentication Bypass File Upload +1
NVD VulDB
CVE-2025-15169
EPSS 0% CVSS 2.0
LOW POC Monitor

A weakness has been identified in BiggiDroid Simple PHP CMS 1.0. Affected by this issue is some unknown functionality of the file /admin/editsite.php. Executing a manipulation of the argument ID can lead to sql injection. The attack may be performed from remote. The exploit has been made available to the public and could be used for attacks. The vendor was contacted early about this disclosure but did not respond in any way.

PHP SQLi Simple Php Cms
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy