Critical severity9.8NVD Advisory· Published Feb 21, 2017· Updated Jun 17, 2026
CVE-2017-6070
CVE-2017-6070
Description
CMS Made Simple version 1.x Form Builder before version 0.8.1.6 allows remote attackers to execute PHP code via the cntnt01fbrp_forma_form_template parameter in admin_store_form.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
4cpe:2.3:a:cmsmadesimple:form_builder:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:cmsmadesimple:form_builder:*:*:*:*:*:*:*:*range: <=0.8.1.5
- (no CPE)range: <0.8.1.6
- Range: <0.8.1.6
Patches
Vulnerability mechanics
References
2- daylight-it.com/security-advisory-dlcs0001.htmlnvdExploitThird Party Advisory
- dev.cmsmadesimple.org/project/files/69nvdProduct
News mentions
0No linked articles in our index yet.