CVE-2007-5442

CMS Made Simple 1.1.3.1 - Authenticated Arbitrary File Upload

Title source: llm
STIX 2.1

Description

CMS Made Simple 1.1.3.1 does not check the permissions assigned to users who attempt uploads, which allows remote authenticated users to upload unspecified files via unknown vectors.

References (2)

Core 2
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/481984/100/0/threaded
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3223

Scores

EPSS 0.0014
EPSS Percentile 33.8%

Details

CWE
CWE-264
Status published
Products (1)
cmsmadesimple/cms_made_simple 1.1.3.1
Published Oct 14, 2007
Tracked Since Feb 18, 2026