← back
CVE-2022-23906

CVE-2022-23906

EPSS 2.1%
CMS Made Simple v2.2.15 was discovered to contain a Remote Command Execution (RCE) vulnerability via the upload avatar function. This vulnerability is exploited via a crafted image file.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://dev.cmsmadesimple.org/bug/view/12502