CVE-2025-63678

Summary: CVE-2025-63678 affects CMS Made Simple Foundation File Manager v2.2.22. An authenticated attacker with Administrator privileges can upload a crafted PHP file to the /uploads/ endpoint, potentially leading to arbitrary code execution. This aligns with multiple sources in the connected doc...