CVE-2017-11404CVE-2017-11404

Affected configuration(s):

cpe:/a:cmsmadesimple:cms_made_simple:2.2.2

Date published: 2017-07-17T20:29:00.247-04:00

Date last modified: 2017-07-19T15:04:41.937-04:00

CVSS Score: 4.0

Principal attack vector: NETWORK

Complexity:  LOW

Reference URL: http://www.yuesec.com/img/cccccve/CMSMadeSimple/upl0advul123/images/upload_vulnerability_yuesec.html

Summary: In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via a FileManager action to admin/moduleinterface.php.

CategoriesUncategorised

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.