CVE-2021-47735

HIGH

CMSimple 5.4 - Authenticated Remote Code Execution via Template Editing

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47735. PoCs published by pussycat0x.

AI-analyzed exploit summary This exploit targets Cmsimple 5.4, leveraging authenticated RCE by injecting a PHP reverse shell into the template file via CSRF-protected form submission. It requires valid credentials and a listener setup.

Description

CMSimple 5.4 contains an authenticated remote code execution vulnerability that allows logged-in attackers to inject malicious PHP code into template files. Attackers can exploit the template editing functionality by crafting a reverse shell payload and saving it through the template editing endpoint with a valid CSRF token.

Exploits (1)

exploitdb WORKING POC
by pussycat0x · pythonwebappsphp
https://www.exploit-db.com/exploits/50356

This exploit targets Cmsimple 5.4, leveraging authenticated RCE by injecting a PHP reverse shell into the template file via CSRF-protected form submission. It requires valid credentials and a listener setup.

Classification
Working Poc 95%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: Cmsimple 5.4
Auth required
Prerequisites: Valid credentials for Cmsimple 5.4 · Network access to the target · Listener setup for reverse shell
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3

Scores

CVSS v3 8.8
EPSS 0.0076
EPSS Percentile 50.5%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-94
Status published
Products (1)
cmsimple/cmsimple 5.4
Published Dec 23, 2025
Tracked Since Feb 18, 2026