Smarty Templating Injection in CMS Made Simple Core Modules Allows Unauthenticated PHP Code Execution

Smarty Templating Injection in CMS Made Simple Core Modules Allows Unauthenticated PHP Code Execution

CVE-2017-1000453 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

CMS Made Simple version 2.1.6 and 2.2 are vulnerable to Smarty templating injection in some core modules, resulting in unauthenticated PHP code execution.

Learn more about our Web Application Penetration Testing UK.