CMS Made Simple versions 1.7.1 and below suffer from cross site request forgery and cross site scripting vulnerabilities.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/90181/Bkis-02-2010.txt
Source: https://packetstormsecurity.com/files/90181/CMS-Made-Simple-1.7.1-Cross-Site-Scripting-Cross-Site-Request-Forgery.html