Unrated severityNVD Advisory· Published Oct 14, 2007· Updated Jun 16, 2026
CVE-2007-5441
CVE-2007-5441
Description
CMS Made Simple 1.1.3.1 does not check the permissions assigned to users in some situations, which allows remote authenticated users to perform some administrative actions, as demonstrated by (1) adding a user via a direct request to admin/adduser.php and (2) reading the admin log via an "admin/adminlog.php?page=1" request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- cpe:2.3:a:cmsmadesimple:cms_made_simple:1.1.3.1:*:*:*:*:*:*:*
- Range: = 1.1.3.1
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.