Vulnerability CVE-2018-10517


Published: 2018-04-27

Description:
In CMS Made Simple (CMSMS) through 2.2.7, the "module import" operation in the admin dashboard contains a remote code execution vulnerability, exploitable by an admin user, because an XML Package can contain base64-encoded PHP code in a data element.

See advisories in our WLB2 database:
Topic
Author
Date
High
CMS Made Simple 2.2.7 Remote Code Execution
Lucian Ioan Nite...
06.11.2018

Vendor: Cmsmadesimple
Product: Cms made simple 
Version: 2.2.7;

CVSS2 => (AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
6.5/10
6.4/10
8/10
Exploit range
Attack complexity
Authentication
Remote
Low
Single time
Confidentiality impact
Integrity impact
Availability impact
Partial
Partial
Partial

 References:
https://github.com/itodaro/cmsms_cve/blob/master/README.md
https://www.exploit-db.com/exploits/45793/

Related CVE
CVE-2019-1010290
Babel: Multilingual site Babel All is affected by: Open Redirection. The impact is: Redirection to any URL, which is supplied to redirect.php in a "newurl" parameter. The component is: redirect.php. The attack vector is: The victim must open a link c...
CVE-2019-11226
CMS Made Simple 2.2.10 has XSS via the m1_name parameter in "Add Article" under Content -> Content Manager -> News.
CVE-2019-11513
The File Manager in CMS Made Simple through 2.2.10 has Reflected XSS via the "New name" field in a Rename action.
CVE-2019-9056
An issue was discovered in CMS Made Simple 2.2.8. In the module FrontEndUsers (in the file class.FrontEndUsersManipulate.php or class.FrontEndUsersManipulator.php), it is possible to reach an unserialize call with an untrusted __FEU__ cookie, and ach...
CVE-2019-10107
CMS Made Simple 2.2.10 has XSS via the myaccount.php "Email Address" field, which is reachable via the "My Preferences -> My Account" section.
CVE-2019-10106
CMS Made Simple 2.2.10 has XSS via the 'moduleinterface.php' Name field, which is reachable via an "Add Category" action to the "Site Admin Settings - News module" section.
CVE-2019-10105
CMS Made Simple 2.2.10 has a Self-XSS vulnerability via the Layout Design Manager "Name" field, which is reachable via a "Create a new Template" action to the Design Manager.
CVE-2019-9061
An issue was discovered in CMS Made Simple 2.2.8. In the module ModuleManager (in the file action.installmodule.php), it is possible to reach an unserialize call with untrusted input and achieve authenticated object injection by using the "install mo...

Copyright 2019, cxsecurity.com

 

Back to Top