CVE-2011-0635

Simploo CMS < 1.7.1 - Authenticated PHP Code Injection via FTP-Server Parameter

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-0635. PoCs published by David Vieira-Kurz.

AI-analyzed exploit summary: This exploit demonstrates a PHP code injection vulnerability in Simploo CMS Community Edition via the FTP-Server field. The injected code is written to a configuration file and executed when accessed, allowing remote code execution.

Description

Static code injection vulnerability in Simploo CMS 1.7.1 and earlier allows remote authenticated users to inject arbitrary PHP code into config/custom/base.ini.php via the ftpserver parameter (FTP-Server field) to the sicore/updates/optionssav operation for index.php.

Exploits (1)

exploitdb WORKING POC
by David Vieira-Kurz · text · webapps · php
https://www.exploit-db.com/exploits/16016

Classification: Working PoC 90%
Attack Type: RCE
Complexity: Trivial
Reliability: Reliable
Target: Simploo CMS Community Edition 1.7.1 and prior
Auth required
Prerequisites: Write privileges in the application · Access to the admin panel
devstral-2 · analyzed Feb 16, 2026

References (6)

Core References
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/16016
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/45906
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://osvdb.org/70487
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/515809/100/0/threaded
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/42953
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/64826

Scores

EPSS 0.0192
EPSS Percentile 77.2%

Details

CWE: CWE-94
Status: published
Products (6)
simploo/simploo_cms 1.2.0
simploo/simploo_cms 1.3.0
simploo/simploo_cms 1.5.0
simploo/simploo_cms 1.5.2
simploo/simploo_cms 1.7.0
simploo/simploo_cms < 1.7.1
Published Jan 22, 2011
Tracked Since Feb 18, 2026