2026-02-01 12:15:50
VulnCheck
PUBLISHED
Simple CMS 2.1 contains a non-persistent cross-site scripting vulnerability in the preview.php files id parameter. Attackers can inject malicious script code through a GET request to execute arbitrary scripts and potentially hijack user sessions or perform phishing attacks.