Jdr

**Name of the Vulnerable Software and Affected Versions** cmseasy version 7.7.5 20211012 **Description** The issue allows for an arbitrary file write, where a PHP script file is written to the website server. Accessing this file can lead to a code execution issue. **Recommendations** For cmseasy version 7.7.5 20211012, at the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** cmseasy version 7.7.5 20211012 **Description** The issue allows for an arbitrary file read after login, potentially exposing configuration file information of the website, including the database configuration file located in config / config database. **Recommendations** For cmseasy version 7.7.5 20211012, at the moment, there is no information about a newer version that contains a fix for this vulnerability.