Description

CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extensions and upload malicious PHP files. Attackers can append ',php' to Extensions_userfiles and upload a shell script to the media directory to execute arbitrary code on the server.

Status: PUBLISHED
Reserved: 2025-12-10 | Published: 2025-12-10 | Updated: 2025-12-11 | Assigner: VulnCheck

Severity: HIGH, 8.6 (CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N)

Problem types

CWE-403: Exposure of File Descriptor to Unintended Control Sphere ('File Descriptor Leak')

Product status

Default status: unaffected

Version 5.15: affected

Credits

Ahmet Ümit BAYRAM (finder)

References

www.exploit-db.com/exploits/52040 (ExploitDB-52040) [exploit]

www.cmsimple.org (CMSimple Homepage) [product]

www.cmsimple.org/downloads_cmsimple50/CMSimple_5-15.zip (CMSimple Download Page) [product]

www.vulncheck.com/...-execution-via-extensions-configuration (VulnCheck Advisory: CMSimple 5.15 Remote Command Execution via Extensions Configuration) [third-party-advisory]

cve.org (CVE-2024-58280) [CVE record]

nvd.nist.gov (CVE-2024-58280) [NVD record]