CVE-2021-47736

HIGH

CMSimple_XH 1.7.4 - Authenticated Remote Code Execution via Content Editing


Exploitation Summary

EIP tracks 1 public exploit for CVE-2021-47736. PoCs published by Halit AKAYDIN.

AI-analyzed exploit summary: This exploit targets CMSimple_XH 1.7.4, leveraging an authenticated RCE vulnerability by injecting a PHP payload into a misconfigured backup page. It requires valid credentials and creates a backdoor file for command execution.

Description

CMSimple_XH 1.7.4 contains an authenticated remote code execution vulnerability in the content editing functionality that allows administrative users to upload malicious PHP files. Attackers with valid credentials can exploit the CSRF token mechanism to create a PHP shell file that enables arbitrary command execution on the server.

Exploits (1)

exploitdb (working PoC)
by Halit AKAYDIN · tags: python, webapps, php
https://www.exploit-db.com/exploits/50367


Classification: Working PoC (95%)
Attack Type: RCE
Complexity: Moderate
Reliability: Reliable
Target: CMSimple_XH 1.7.4
Auth required: yes
Prerequisites: Valid credentials for CMSimple_XH admin panel · Network access to the target
devstral-2 · analyzed Feb 16, 2026

References (3)

Core references:
https://www.exploit-db.com/exploits/50367 (Exploit, Third Party Advisory, VDB Entry)

Scores

CVSS v3 7.2
EPSS 0.0093
EPSS Percentile 55.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation: PoC
Automatable: no
Technical Impact: total

Details

CWE
CWE-94
Status published
Products (1)
cmsimple-xh/cmsimple_xh 1.7.4
Published Dec 23, 2025
Tracked Since Feb 18, 2026