CVE-2017-11405

Name of the Vulnerable Software and Affected Versions CMS Made Simple (CMSMS) version 2.2.2

Description The issue allows remote authenticated administrators to upload a .php file. This can be achieved by performing a CMSContentManager action to "admin/moduleinterface.php", followed by a FilePicker action to "admin/moduleinterface.php" where the type parameter is changed from image to file.

Recommendations For CMS Made Simple (CMSMS) version 2.2.2, consider restricting access to the admin/moduleinterface.php endpoint to prevent unauthorized file uploads until a patch is available. As a temporary workaround, restrict the FilePicker action to only allow type=image to minimize the risk of exploitation.