CVE-2022-23906

Publication date

2022-02-28 22:55:14

Family

mitre

State

PUBLISHED

Description

CMS Made Simple v2.2.15 was discovered to contain a Remote Command Execution (RCE) vulnerability via the upload avatar function. This vulnerability is exploited via a crafted image file.