CVE-2026-5203

MEDIUM

CMS Made Simple UserGuide Module XML Import class.UserGuideImporterExporter.php _copyFilesToFolder path traversal

Title source: cna

Exploitation Summary

EIP tracks 1 public exploit for CVE-2026-5203. PoCs published by CaginKyr.

AI-analyzed exploit summary This repository contains a functional exploit for CVE-2026-5203, targeting CMS Made Simple ≤ 2.2.22. The exploit leverages path traversal and arbitrary file upload via the UserGuide module's XML import functionality to achieve remote code execution.

Description

A vulnerability was found in CMS Made Simple up to 2.2.22. This impacts the function _copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserGuide Module XML Import. The manipulation results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used. This issue has been reported early to the project. They confirmed, that "this has already been discovered and fixed for the next release."

Exploits (1)

github WORKING POC

by CaginKyr · pythonpoc

https://github.com/CaginKyr/CVE-2026-5203

View Code ZIP pw:eip

This repository contains a functional exploit for CVE-2026-5203, targeting CMS Made Simple ≤ 2.2.22. The exploit leverages path traversal and arbitrary file upload via the UserGuide module's XML import functionality to achieve remote code execution.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Moderate

Reliability

Reliable

Target: CMS Made Simple ≤ 2.2.22

Auth required

Prerequisites: Authenticated administrator access · UserGuide module enabled

MITRE ATT&CK

T1190 - Exploit Public-Facing Application T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed May 19, 2026 Full analysis →

References (4)

Core 4

Core References

Vdb Entry, Technical Description vdb-entry technical-description

VDB-354331 | CMS Made Simple UserGuide Module XML Import class.UserGuideImporterExporter.php _copyFilesToFolder path traversal

https://vuldb.com/vuln/354331

Signature, Permissions Required signature permissions-required

VDB-354331 | CTI Indicators (IOB, IOC, TTP, IOA)

https://vuldb.com/vuln/354331/cti

Third Party Advisory third-party-advisory

Submit #772855 | CMSMadeSimple CMS Made Simple (CMSMS) 2.2.22 and old versions modules/UserGuide/lib/class.UserGuideImporterExporter.php

https://vuldb.com/submit/772855

Exploit exploit

https://drive.proton.me/urls/Q0JHZ339BW#X9P2G3Guwvwa

Scores

CVSS v3 4.7

EPSS 0.0008

EPSS Percentile 23.8%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-22

Status published

Products (23)

None/CMS Made Simple 2.2.0

None/CMS Made Simple 2.2.1

None/CMS Made Simple 2.2.10

None/CMS Made Simple 2.2.11

None/CMS Made Simple 2.2.12

None/CMS Made Simple 2.2.13

None/CMS Made Simple 2.2.14

None/CMS Made Simple 2.2.15

None/CMS Made Simple 2.2.16

None/CMS Made Simple 2.2.17

... and 13 more

Published Mar 31, 2026

Tracked Since Mar 31, 2026