CVE-2021-28998

CVSS V2 None CVSS V3 None
Description
File upload vulnerability in CMS Made Simple through 2.2.15 allows remote authenticated attackers to gain a webshell via a crafted phar file.
Overview
  • CVE ID
  • CVE-2021-28998
  • Assigner
  • cve@mitre.org
  • Vulnerability Status
  • Awaiting Analysis
  • Published Version
  • 2023-05-08T14:15:10
  • Last Modified Date
  • 2023-05-08T14:17:28
References
Reference URL Reference Tags
https://github.com/beerpwn/CVE/blob/master/cms_made_simple_2021/file_upload_RCE/File_upload_to_RCE.md
https://seclists.org/fulldisclosure/2021/Mar/50
Sources
Source Name Source URL
NIST https://nvd.nist.gov/vuln/detail/CVE-2021-28998
MITRE https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-28998
History
Created Old Value New Value Data Type Notes
2023-05-08 15:01:22 Added to TrackCVE