by vicarius
log in join community
by @secatgourity
12 Aug 2024
#cve_analysis

Write a blog analysis for a CVE

publish

Pwning CMSMS via User Defined Tags for fun and learning (CVE-2024-27622)

by @secatgourity
by @secatgourity
12 Aug 2024
#cve_analysis

Write a blog analysis for a CVE

publish

Pwning CMSMS via User Defined Tags for fun and learning (CVE-2024-27622)

CVEs

CVE-2024-27622
7.2 High Severity

Screenshots from the blog posts

images/cm04ciej06zeb1jofbftc49gt.pngimages/cm04ciej06zeb1jofbftc49gt.png

Summary

The blog post introduces a remote code execution vulnerability (CVE-2024-27622) in CMS Made Simple version 2.2.19, explaining how authenticated admin users can exploit the flaw in the User Defined Tags module.

Description

Tags

#RCE#exposed_to_RCE_attack#open-source#trending#cms#cms-made-simple#code-injection#authenticated-rce

@secatgourity

185 posts

Total vcoins

120.8K

Social media links

Comments (0)