CVE-2026-5203 in CMS Made Simpleinfo

Summary

A vulnerability was found in CMS Made Simple up to 2.2.22. This impacts the function _copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserGuide Module XML Import. The manipulation results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used. This issue has been reported early to the project. They confirmed, that "this has already been discovered and fixed for the next release."

Disclosure

03/31/2026

Entries

VulDB provides additional information and datapoints for this CVE:

ID	Vulnerability	CWE	Exp	Cou	CVE
354331	CMS Made Simple UserGuide Module XML Import class.UserGuideImporterExporter.php _copyFilesToFolder path traversal	22	Proof-of-Concept	Not defined	CVE-2026-5203

Description

CPE

CWE

CVSS

Exploits

History

Diff

Relate

Threat Intelligence

API JSON

API XML

API CSV

◂ PreviousOverviewNext ▸

Want to know what is going to be exploited?

We predict KEV entries!