header-logo
Suggest Exploit
explore-vulnerabilities

Explore Vulnerabilities

Version
Year

Explore all Exploits:

CMSimple 5.4 – Local file inclusion (LFI) to Remote code execution (RCE) (Authenticated)

CMSimple 5.4 is vulnerable to Local file inclusion (LFI) to Remote code execution (RCE) when an authenticated user is present. An attacker can exploit this vulnerability by changing the functions_file parameter to php://input and sending a malicious payload to the server. This will allow the attacker to execute arbitrary code on the server.

Recent Exploits: