Description

CMS Made Simple 2.2.1 Local File Inclusion

Remediation

Update to CMS Made Simple 2.2.2 or later.

References

http://www.cmsmadesimple.org/2017/07/Announcing-CMSMS-2.2.2-Hearts-Content

Related Vulnerabilities

webadmin.php script

WordPress Plugin Amelia-Events & Appointments Booking Calendar Multiple Vulnerabilities (1.0.45)

WordPress Plugin Responsive Owl Carousel for Elementor Local File Inclusion (1.2.0)

WordPress Plugin Post PDF Export Local File Inclusion (1.0.1)

WordPress Plugin Media Library Assistant Multiple Vulnerabilities (2.81)

Severity

Medium

Classification

CWE-94 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:L CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N

Tags

File Inclusion