CVE-2019-9059
CVE-2019-9059 affects CMS Made Simple 2.2.8. The issue is a command injection vulnerability triggered by modifying the Mail Settings: set the Mailer to sendmail and use Forgot your password, with an administrator account able to influence the email executable path. The underlying cause is unsafel...