CVE-2018-19420

Published: Nov 21, 2018Modified: Nov 21, 2024

3.8

Vector

CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:N

Exploitability: 1.2 / Impact: 2.5

Source: NVD

Description

In GetSimpleCMS 3.3.15, admin/upload.php blocks .html uploads but there are several alternative cases in which HTML can be executed, such as a file with no extension or an unrecognized extension (e.g., the test or test.asdf filename), because of admin/upload-uploadify.php, and validate_safe_file in admin/inc/security_functions.php.

Affected (1)

Products: Get Simple: Getsimple Cms

1 product

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Get Simple Getsimple Cms	Version 3.3.15

Related CWEs

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (2)

https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1301

Source: cve@mitre.org

ExploitThird Party Advisory

https://github.com/GetSimpleCMS/GetSimpleCMS/issues/1301

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitThird Party Advisory

Timeline

No history available yet.