CVE-2018-10519

Name of the Vulnerable Software and Affected Versions: CMS Made Simple versions 2.2.7

Description: The issue allows for a privilege escalation from an ordinary user to an admin user. This is achieved by manipulating the eff uid value within the $ COOKIE[$this-> loginkey] to equal 1. The vulnerability exists due to files in the tmp/ directory being accessible through HTTP requests, which is a result of an incorrect fix for a previous issue.

Recommendations: For CMS Made Simple version 2.2.7, consider restricting access to the tmp/ directory to prevent exploitation through HTTP requests. As a temporary workaround, avoid using the eff uid value in the $ COOKIE[$this-> loginkey] to authenticate users until a proper fix is available.