| Title | CMS Made Simple 2.2.22 Remote Code Execution |
|---|
| Description | The system does not properly verify the content of image files, allowing attackers to upload image files containing malicious scripts. The uploaded malicious image files are stored in publicly accessible directories, and these scripts can then be accessed and executed through web browsers, enabling attackers to take full control of the server environment. |
|---|
| Source | ⚠️ https://github.com/feixuezhi/CMSMadeSimple/wiki/CMS-Made-Simple-Version:-2.2.22-%E2%80%90-Remote-Code-Execution |
|---|
| User | feioklucy (UID 83820) |
|---|
| Submission | 08/22/2025 05:13 (10 months ago) |
|---|
| Moderation | 09/09/2025 18:10 (19 days later) |
|---|
| Status | Duplicate |
|---|
| VulDB entry | 128117 [CMS Made Simple 2.2.8 File Upload SVG Document cross site scripting] |
|---|
| Points | 0 |
|---|