CVE-2018-10086

Name of the Vulnerable Software and Affected Versions: CMS Made Simple (CMSMS) versions prior to 2.2.8

Description: The issue is related to an arbitrary code execution vulnerability in the admin dashboard. This vulnerability arises from the use of eval function, specifically with the string 'function testfunction'.rand(), allowing potential bypass of restrictions on testfunction functions.

Recommendations: For CMS Made Simple (CMSMS) versions prior to 2.2.8, update to version 2.2.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the admin dashboard to minimize the risk of exploitation.