CVE-2024-1527 Information

Description

Unrestricted file upload vulnerability in CMS Made Simple affecting version 2.2.14. This vulnerability allows an authenticated user to bypass the security measures of the upload functionality and potentially create a remote execution of commands via webshell.

Reference

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-cms-made-simple