EUVD-2024-17275

🗓️ 03 Oct 2025 20:07:09Reported by EUVDType

Unrestricted file upload vulnerability in CMS Made Simple version 2.2.14 allows remote command execution.

Reporter	Title	Published	Views	Family All 9
Circl	CVE-2024-1527	12 Mar 202417:32	–	circl
CNNVD	CMS Made Simple Code Issues Vulnerabilities	12 Mar 202400:00	–	cnnvd
CVE	CVE-2024-1527	12 Mar 202415:19	–	cve
Cvelist	CVE-2024-1527 Unrestricted Upload of File with Dangerous Type in CMS Made Simple	12 Mar 202415:19	–	cvelist
NVD	CVE-2024-1527	12 Mar 202416:15	–	nvd
OpenVAS	CMS Made Simple < 2.2.15 Multiple Vulnerabilities	9 Apr 202500:00	–	openvas
OSV	CVE-2024-1527	12 Mar 202416:15	–	osv
Prion	Unrestricted file upload	12 Mar 202416:15	–	prion
Vulnrichment	CVE-2024-1527 Unrestricted Upload of File with Dangerous Type in CMS Made Simple	12 Mar 202415:19	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "3234d64f-135d-32cd-8bff-b2a04414a555",
        "vendor": {
          "name": "CMS Made Simple"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "3234d64f-135d-32cd-8bff-b2a04414a555",
        "product": {
          "name": "CMS Made Simple"
        }
      },
      {
        "id": "4e178957-6cd4-3a77-9733-9c8fc4be7a7a",
        "product": {
          "name": "CMS Made Simple"
        },
        "product_version": "2.2.14"
      }
    ]
  }
]

Source	Link
incibe	www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-cms-made-simple

03 Oct 2025 20:07Current

9.2High risk

Vulners AI Score9.2

CVSS 3.18.8 - 9.8

EPSS0.00056

SSVC