Security Advisory

CVE-2024-58280

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-10 21:13:33

Last updated 2026-04-07 14:08:33

Assigner VulnCheck

State PUBLISHED

Description

CMSimple 5.15 contains a remote command execution vulnerability that allows authenticated attackers to modify file extensions and upload malicious PHP files. Attackers can append ,php to Extensions_userfiles and upload a shell script to the media directory to execute arbitrary code on the server.

← Browse all CVEs View on cve.org ↗