6 matches found
CVE-2017-8912
CMS Made Simple CMSMS 2.1.6 allows remote authenticated administrators to execute arbitrary PHP code via the code parameter to admin/editusertag.php, related to the CreateTagFunction and CallUserTag functions. NOTE: the vendor reportedly has stated this is "a feature, not a bug...
CVE-2017-8912
CVE-2017-8912 (CMS Made Simple 2.1.6) : A remote code execution vulnerability exists in admin/editusertag.php via the code parameter, enabling arbitrary PHP execution by remote authenticated admins. Root cause is tied to CreateTagFunction/CallUserTag logic. Affected software is CMS Made Simple 2....
CMS Made Simple 2.1.6 - Multiple Vulnerabilities
Exploit for php platform in category web applications Title: CMSMS 2.1.6 Multiple Vulnerabilities Date: 10-05-2017 Tested on: Windows 8 64-bit Exploit Author: Osanda Malith Jayathissa @OsandaMalith Original write-up: https://osandamalith.com/2017/05/11/cmsms-2-1-6-multiple-vulnerabilities/ CVE:...
CMS Made Simple 2.1.6 Code Execution / Cross Site Scripting
Title: CMSMS 2.1.6 Multiple Vulnerabilities Date: 10-05-2017 Tested on: Windows 8 64-bit Exploit Author: Osanda Malith Jayathissa @OsandaMalith Original write-up: https://osandamalith.com/2017/05/11/cmsms-2-1-6-multiple-vulnerabilities/ CVE: CVE-2017-8912 Remote Code Execution...
CMS Made Simple 2.1.6 - Multiple Vulnerabilities
Title: CMSMS 2.1.6 Multiple Vulnerabilities Date: 10-05-2017 Tested on: Windows 8 64-bit Exploit Author: Osanda Malith Jayathissa @OsandaMalith Original write-up: https://osandamalith.com/2017/05/11/cmsms-2-1-6-multiple-vulnerabilities/ CVE: CVE-2017-8912 Remote Code Execution...
CMS Made Simple 2.1.6 - Multiple Vulnerabilities
CMS Made Simple 2.1.6 - Multiple Vulnerabilities Title: CMSMS 2.1.6 Multiple Vulnerabilities Date: 10-05-2017 Tested on: Windows 8 64-bit Exploit Author: Osanda Malith Jayathissa @OsandaMalith Original write-up: https://osandamalith.com/2017/05/11/cmsms-2-1-6-multiple-vulnerabilities/ CVE:...