CVE-2018-10518

Name of the Vulnerable Software and Affected Versions: CMS Made Simple versions prior to 2.2.8

Description: The issue allows for arbitrary file deletion, potentially leading to a denial of service (DoS), and can be exploited by an admin user. This is because an attacker can remove all lib/ files in all directories through the "file delete" operation in the admin dashboard.

Recommendations: For versions prior to 2.2.8, update to version 2.2.8 or later to resolve the issue. As a temporary workaround, consider restricting access to the "file delete" operation in the admin dashboard to minimize the risk of exploitation.