Remote code execution in CMS Made Simple - CVE-2018-7448
Published: March 1, 2018 / Updated: April 19, 2024
Vulnerability identifier: #VU10794
CSH Severity: High
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:P/U:Amber
CVE-ID: CVE-2018-7448
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
Public exploit is available
Vendor: cmsmadesimple.org
Affected software:
CMS Made Simple
CMS Made Simple
Detailed vulnerability description
The vulnerability allows a remote authenticated attacker to execute arbitrary PHP code on the target system.
The weakness exists in the config.php file due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted input, inject arbitrary PHP code via the timezone parameter in the config.php file and execute arbitrary PHP code.
Successful exploitation of the vulnerability may result in system compromise.
The weakness exists in the config.php file due to insufficient validation of user-supplied input. A remote attacker can send a specially crafted input, inject arbitrary PHP code via the timezone parameter in the config.php file and execute arbitrary PHP code.
Successful exploitation of the vulnerability may result in system compromise.
How to mitigate CVE-2018-7448
Update to version 2.2 or later.