CNNVD-202507-3270 Information
CNNVD ID
CNNVD-202507-3270
Related CVE
- CNNVD Published: 2025-07-25
Description (Chinese)
GetSimple CMS是GetSimple CMS开源的一个内容管理系统。 GetSimple CMS 3.2.1版本存在安全漏洞,该漏洞源于上传功能未正确验证MIME类型和扩展名,可能导致远程代码执行。
Description (English)
GetSimple CMS is an open-source content management system for GetSimple CMS. There is a security loophole in the GetSimple CMS 3.2.1 version, which results from the upload function’s incorrect validation of mimetypes and extensions, which may lead to remote code execution.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
GetSimple CMS
Published
2025-07-25
Last Modified
2026-02-24
References
https://get-simple.info https://raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/unix/webapp/get_simple_cms_upload_exec.rb https://www.broadcom.com/support/security-center/attacksignatures/detail?asid=27895 https://www.exploit-db.com/exploits/25405 https://www.fortiguard.com/encyclopedia/ips/39295 https://www.vulncheck.com/advisories/getsimple-cms-auth-rce-via-arbitrary-php-file-upload https://access.redhat.com/security/cve/cve-2013-10032
Patch
https://github.com/GetSimpleCMS/GetSimpleCMS/releases
Share on: