CVE-2024-55085

CRITICAL

GetSimple CMS CE 3.3.19 - Remote Code Execution via Template Editing Function

Title source: llm

Description

GetSimple CMS CE 3.3.19 suffers from arbitrary code execution in the template editing function in the background management system, which can be used by an attacker to implement RCE.

References (2)

Core 2

Core References

Product

https://getsimple-ce.ovh/

Broken Link

https://tasteful-stamp-da4.notion.site/CVE-2024-55085-15b1e0f227cb80a5aee6faeb820bf7e6

Scores

CVSS v3 9.8

EPSS 0.0083

EPSS Percentile 53.0%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation poc

Automatable yes

Technical Impact total

Details

CWE

CWE-94

Status published

Products (1)

getsimple-ce/getsimple_cms 3.3.19

Published Dec 16, 2024

Tracked Since Feb 18, 2026