CNNVD-202601-3412 Information
CNNVD ID
CNNVD-202601-3412
Related CVE
- CNNVD Published: 2026-01-21
Description (Chinese)
GetSimple Content Management System是GetSimpleCMS开源的一个内容管理系统。 GetSimple Content Management System 1.1.2版本存在代码注入漏洞,该漏洞源于通过插件配置参数存在PHP代码注入,可能导致远程代码执行。
Description (English)
GetSimpleContent Management System is a content management system for GetSimpleCMS open source. GetSimpleContent Management System 1.1.2 has a code-injection loophole, which stems from the presence of PHP code-injection through plugin configuration parameters, which may result in remote code implementation.
Hazard Level
High
Vulnerability Type
代码注入
Affected Vendor
GetSimpleCMS
Published
2026-01-21
Last Modified
2026-02-24
References
http://get-simple.info https://www.exploit-db.com/exploits/49774 https://www.vulncheck.com/advisories/getsimple-cms-my-smtp-contact-plugin-php-code-injection https://github.com/boku7/gsSMTP-Csrf2Xss2RCE/ https://github.com/GetSimpleCMS/GetSimpleCMS https://access.redhat.com/security/cve/cve-2021-47778
Patch
https://github.com/GetSimpleCMS/GetSimpleCMS/releases
Share on: