CVE-2019-9059

CVE-2019-9059

An issue was discovered in CMS Made Simple 2.2.8. It is possible, with an administrator account, to achieve command injection by modifying the path of the e-mail executable in Mail Settings, setting "sendmail" in the "Mailer" option, and launching the "Forgot your password" feature.

Source: CVE-2019-9059

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다