S1Lv3R

**Name of the Vulnerable Software and Affected Versions** CMSimple version 5.4 **Description** CMSimple version 5.4 contains a flaw that allows attackers to manipulate PHP session files and potentially execute arbitrary code. This is possible through an authenticated local file inclusion, where attackers can change the functions file path and upload malicious PHP code via session file upload mechanisms. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** CMSimple version 5.4 **Description** The issue exists due to a Directory Traversal vulnerability. This occurs when a user changes the file name to a malicious file on `config.php`, leading to remote code execution. **Recommendations** For CMSimple version 5.4, update to a version that fixes the Directory Traversal vulnerability to prevent remote code execution. As a temporary workaround, consider restricting access to the `config.php` file to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** CMSimple version 5.4 **Description** The issue is related to Cross Site Scripting (XSS) via the file upload feature. **Recommendations** For CMSimple version 5.4, consider disabling the file upload feature until a patch is available to prevent potential exploitation.

**Name of the Vulnerable Software and Affected Versions** Bolt CMS versions prior to 4.3 **Description** The issue allows an authenticated attacker to inject server-side template code through unsafe theme rendering, leading to remote code execution. **Recommendations** For Bolt CMS versions prior to 4.3, update to a version that includes the fix for this issue to prevent remote code execution.