PT-2017-18617 · Cms Made Simple · Cms Made Simple
Osanda Malith Jayathissa
+1
·
Published
2017-05-12
·
Updated
2024-08-05
·
CVE-2017-8912
CVSS v3.1
7.2
High
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
CMS Made Simple version 2.1.6
Description
The issue allows remote authenticated administrators to execute arbitrary PHP code via the
code parameter to "admin/editusertag.php", related to the CreateTagFunction and CallUserTag functions. The vendor has reportedly stated that this behavior is considered "a feature, not a bug."Recommendations
For CMS Made Simple version 2.1.6, consider disabling access to the "admin/editusertag.php" endpoint or restricting the use of the
code parameter to prevent arbitrary PHP code execution until a resolution is provided by the vendor.Exploit
Fix
Code Injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Cms Made Simple