A remote code execution vulnerability has been identified in the User Defined Tags module of CMS Made Simple version 2.2.19 / 2.2.21. This vulnerability arises from inadequate sanitization of user-supplied input in the Code section of the module. As a result, authenticated users with administrative privileges can inject and execute arbitrary PHP code.
Weakness
The product does not adequately filter user-controlled input for special elements with control implications.
Affected Software
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Cms_made_simple | Cmsmadesimple | 2.2.19 (including) | 2.2.19 (including) |
| Cms_made_simple | Cmsmadesimple | 2.2.21 (including) | 2.2.21 (including) |
Potential Mitigations
Related Attack Patterns
References
- https://github.com/capture0x/CMSMadeSimple/
- https://packetstormsecurity.com/files/177241/CMS-Made-Simple-2.2.19-Remote-Code-Execution.html
- https://github.com/capture0x/CMSMadeSimple/
- https://packetstormsecurity.com/files/177241/CMS-Made-Simple-2.2.19-Remote-Code-Execution.html
- https://www.vicarius.io/vsociety/posts/pwning-cmsms-via-user-defined-tags-for-fun-and-learning-cve-2024-27622-27623