CVE-2017-11404
4.9
Vector
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Exploitability: 1.2 / Impact: 3.6
Source: NVD
Description
In CMS Made Simple (CMSMS) 2.2.2, remote authenticated administrators can upload a .php file via a FileManager action to admin/moduleinterface.php.
Affected (1)
Products: Cmsmadesimple: Cms Made Simple
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2.2.2 |
References (2)
http://www.yuesec.com/img/cccccve/CMSMadeSimple/upl0advul123/images/upload_vulnerability_yuesec.html
Source: cve@mitre.org
ExploitThird Party Advisory
http://www.yuesec.com/img/cccccve/CMSMadeSimple/upl0advul123/images/upload_vulnerability_yuesec.html
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitThird Party Advisory
Timeline
No history available yet.