CVE

CVE-2018-10522

admin

CVE-2018-10522

In CMS Made Simple (CMSMS) through 2.2.7, the "file view" operation in the admin dashboard contains a sensitive information disclosure vulnerability, exploitable by ordinary users, because the product exposes unrestricted access to the PHP file_get_contents function.

Source: CVE-2018-10522

Exit mobile version