EIP-2026-105988

PRE-CVE

CMS Made Simple 2.2.15 - RCE (Authenticated)

Title source: legacy

Exploitation Summary

EIP tracks 1 public exploit for EIP-2026-105988. PoCs published by Andrey Stoykov.

AI-analyzed exploit summary This exploit leverages an authenticated RCE vulnerability in CMS Made Simple 2.2.15 via the 'editusertag.php' file, where user input is passed to an eval() function. The PoC demonstrates command execution by injecting a reverse shell payload into a User Defined Tag.

Description

CMS Made Simple 2.2.15 - RCE (Authenticated)

Exploits (1)

exploitdb WORKING POC

by Andrey Stoykov · textwebappsphp

https://www.exploit-db.com/exploits/49345

View Code ZIP pw:eip

This exploit leverages an authenticated RCE vulnerability in CMS Made Simple 2.2.15 via the 'editusertag.php' file, where user input is passed to an eval() function. The PoC demonstrates command execution by injecting a reverse shell payload into a User Defined Tag.

Classification

Working Poc 95%

Attack Type

Rce

Complexity

Trivial

Reliability

Reliable

Target: CMS Made Simple 2.2.15

Auth required

Prerequisites: Administrator access to the CMS · Network connectivity to the target

MITRE ATT&CK

T1059 - Command and Scripting Interpreter T1203 - Exploitation for Client Execution

devstral-2 · analyzed Feb 16, 2026 Full analysis →

Details

Status pre_cve

Tracked Since Feb 18, 2026