An issue was discovered in CMS Made Simple version 2.2.8. In the module DesignManager (in the files action.admin_bulk_css.php and action.admin_bulk_template.php), with an unprivileged user with Designer permission, it is possible to reach an unserialize call with a crafted value in the m1_allparms parameter, and achieve object injection. This Metasploit module has been successfully tested on CMS Made Simple versions 2.2.6, 2.2.7, 2.2.8, 2.2.9 and 2.2.9.1.
89958144f8e021770610570a9f70bd342705de89876594b1eeaf56a68799f77d
WordPress Form Maker plugin version 1.13.3 suffers from a remote SQL injection vulnerability.
426b45d32947941f83dd2c060d6278e5306070cc490f5c008dfa7eb4efe3bc5a
This Metasploit module exploits a PHP unserialize() in Pimcore before 5.7.1 to execute arbitrary code. An authenticated user with "classes" permission could exploit the vulnerability. The vulnerability exists in the "ClassController.php" class, where the "bulk-commit" method makes it possible to exploit the unserialize function when passing untrusted values in "data" parameter. Tested on Pimcore 5.4.0-5.4.4, 5.5.1-5.5.4, 5.6.0-5.6.6 with the Symfony unserialize payload. Tested on Pimcore 4.0.0-4.6.5 with the Zend unserialize payload.
e9668485fecf0de5fb772aff42ff232d1d7e80b39adcab869e40e189d37c4459
CMS Made Simple versions prior to 2.2.10 suffer from a remote SQL injection vulnerability.
15dcb3716a8e35a8688386af84e732041c8e06152ee9a78d1ef286a0e3c5b28b
This Metasploit module exploits a file upload vulnerability that allows for remote command execution in Showtime2 module versions 3.6.2 and below in CMS Made Simple (CMSMS). An authenticated user with "Use Showtime2" privilege could exploit the vulnerability. The vulnerability exists in the Showtime2 module, where the class "class.showtime2_image.php" does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG). Tested on Showtime2 3.6.2, 3.6.1, 3.6.0, 3.5.4, 3.5.3, 3.5.2, 3.5.1, 3.5.0, 3.4.5, 3.4.3, 3.4.2 on CMS Made Simple (CMSMS) 2.2.9.1.
1df098a0e8333fb97bab3cd80dd2de6a5ea4a18a6d09b8daa9ff38cd10e5965a
CMS Made Simple Showtime2 module version 3.6.2 suffers from an authenticated arbitrary file upload vulnerability.
fa20c0dbf5abddd0ecf04e638c87694a61d978bf9edf8380b83ae038d3fe85d9