5 matches found
CVE-2020-10682
The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1files to admin/moduleinterface.php. The file should be sent as application/octet-stream and contain PHP code it need not be a valid JPEG file...
CVE-2020-10682
creationtimestamp| type| source ---|---|--- 2021-06-05 15:44:46+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/3542...
CVE-2020-10682
The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1files to admin/moduleinterface.php. The file should be sent as application/octet-stream and contain PHP code it need not be a valid JPEG file...
CVE-2020-10682
The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1files to admin/moduleinterface.php. The file should be sent as application/octet-stream and contain PHP code it need not be a valid JPEG file...
CVE-2020-10682
CMS Made Simple Filemanager in version 2.2.13 is vulnerable to remote code execution via a crafted .php.jpegd JPEG file. An attacker can deliver PHP code by uploading a file (sent as application/octet-stream) and triggering it through admin/moduleinterface.php (e.g., using m1_files[]) to execute ...