[+] Exploit Title ; Cms Made Simple unvaliated file upload Vulnerability
[+] Date : 2018-01-24
[+] Author : 0P3N3R From IRANIAN ETHICAL HACKERS
[+] Vendor HomePage : http://www.cmsmadesimple.org/
[+] Dork : intext:"This site is powered by CMS Made Simple version 2.2.5"
[+] Version : 2.2.5
[+] Tested On : windows 10 - kali linux 2.0
[+] Contact : https://telegram.me/WebServer
[+] Description :
[!] CMS Made Simple is an Open Source Content Management System. It’s built using PHP and the Smarty Engine, which keeps content, functionality, and templates separated
[+] Poc :
[*] Go to Admin Page and Select Content Form Menu
[*] Now Go to file manager and select file to upload
[*] you can upload any file and shells
[*] This File Manager support any formats Ex : php - html - txt - svg And ...
[+] Fix :
[!] Limit upload formats For ex : php - html - svg txt and ...
[+] Exploitation Technique:
[!] Local
[+] Severity Level:
[!] Medium
[+] We Are :
[!] 0P3N3R [+] Mehrdad_Ice [+] BaxTurk24 [+] S0hp [+] ERROR1067