Unrated severityNVD Advisory· Published Mar 20, 2020· Updated Aug 4, 2024
CVE-2020-10682
CVE-2020-10682
Description
The Filemanager in CMS Made Simple 2.2.13 allows remote code execution via a .php.jpegd JPEG file, as demonstrated by m1_files[] to admin/moduleinterface.php. The file should be sent as application/octet-stream and contain PHP code (it need not be a valid JPEG file).
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- CMS Made Simple/CMS Made Simpledescription
- Range: = 2.2.13
Patches
Vulnerability mechanics
References
1- dev.cmsmadesimple.org/bug/view/12275mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.