CVE-2007-5442

Published: Oct 14, 2007Modified: Apr 23, 2026

3.5

Vector

AV:N/AC:M/Au:S/C:N/I:P/A:N

Exploitability: 6.8 / Impact: 2.9

Source: NVD

Description

CMS Made Simple 1.1.3.1 does not check the permissions assigned to users who attempt uploads, which allows remote authenticated users to upload unspecified files via unknown vectors.

Affected (1)

Products: Cmsmadesimple: Cms Made Simple

Cmsmadesimple

1 product

Cms Made Simple

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Cmsmadesimple Cms Made Simple	Version 1.1.3.1

Related CWEs

CWE-264

References (4)

http://securityreason.com/securityalert/3223

Source: cve@mitre.org

http://www.securityfocus.com/archive/1/481984/100/0/threaded

Source: cve@mitre.org

http://securityreason.com/securityalert/3223

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.securityfocus.com/archive/1/481984/100/0/threaded

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.