Security Advisory

CVE-2018-10515

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-04-27 18:00:00

Last updated 2024-09-16 19:21:00

Assigner mitre

State PUBLISHED

Description

In CMS Made Simple (CMSMS) through 2.2.7, the "file unpack" operation in the admin dashboard contains a remote code execution vulnerability exploitable by an admin user because a .php file can be present in the extracted ZIP archive.

← Browse all CVEs View on cve.org ↗