Unrated severityNVD Advisory· Published Jan 22, 2011· Updated Jun 16, 2026
CVE-2011-0635
CVE-2011-0635
Description
Static code injection vulnerability in Simploo CMS 1.7.1 and earlier allows remote authenticated users to inject arbitrary PHP code into config/custom/base.ini.php via the ftpserver parameter (FTP-Server field) to the sicore/updates/optionssav operation for index.php.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
7cpe:2.3:a:simploo:simploo_cms:*:*:*:*:*:*:*:*+ 6 more
- cpe:2.3:a:simploo:simploo_cms:*:*:*:*:*:*:*:*range: <=1.7.1
- cpe:2.3:a:simploo:simploo_cms:1.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:simploo:simploo_cms:1.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:simploo:simploo_cms:1.5.0:*:*:*:*:*:*:*
- cpe:2.3:a:simploo:simploo_cms:1.5.2:*:*:*:*:*:*:*
- cpe:2.3:a:simploo:simploo_cms:1.7.0:*:*:*:*:*:*:*
- (no CPE)range: <=1.7.1
Patches
Vulnerability mechanics
References
6News mentions
0No linked articles in our index yet.