CMS Made Simple 2.2.5 Authenticated Remote Command Execution Exploit

CMS Made Simple version 2.2.5 allows an authenticated administrator to upload a file and rename it to have a .php extension. The file can then be executed by opening the URL of the file in the /uploads/ directory. This module requires Metasploit: https://metasploit.com/download Current source:...