CVE-2023-36969

HIGH

CMS Made Simple 2.2.17 - Authenticated Remote Code Execution via File Upload

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2023-36969. PoCs published by Okan Kurtuluş, Mirabbas Ağalarov, tastyrice, including Metasploit module exploits/multi/http/cmsms_file_manager_auth_rce.

AI-analyzed exploit summary This Metasploit module exploits an authenticated file upload vulnerability in CMS Made Simple <= v2.2.21, allowing an attacker to upload and execute PHP code via .phar or .phtml files, leading to remote code execution (RCE).

Description

CMS Made Simple v2.2.17 is vulnerable to Remote Command Execution via the File Upload Function.

Exploits (1)

metasploit WORKING POC EXCELLENT
by Okan Kurtuluş, Mirabbas Ağalarov, tastyrice · rubypoc
https://github.com/rapid7/metasploit-framework/blob/master/modules/exploits/multi/http/cmsms_file_manager_auth_rce.rb

This Metasploit module exploits an authenticated file upload vulnerability in CMS Made Simple <= v2.2.21, allowing an attacker to upload and execute PHP code via .phar or .phtml files, leading to remote code execution (RCE).

Classification
Working Poc 100%
Attack Type
Rce
Complexity
Moderate
Reliability
Reliable
Target: CMS Made Simple <= v2.2.21
Auth required
Prerequisites: Valid administrator credentials · Access to the admin panel
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (1)

Core 1

Scores

CVSS v3 8.8
EPSS 0.4481
EPSS Percentile 98.6%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation poc
Automatable no
Technical Impact total

Details

CWE
CWE-434
Status published
Products (1)
cmsmadesimple/cms_made_simple 2.2.17
Published Jul 06, 2023
Tracked Since Feb 18, 2026