Sensitive Information Disclosure Vulnerability in CMS Made Simple (CMSMS) through 2.2.7
CVE-2018-10522 · MEDIUM Severity
AV:N/AC:L/AU:S/C:P/I:N/A:N
In CMS Made Simple (CMSMS) through 2.2.7, the "file view" operation in the admin dashboard contains a sensitive information disclosure vulnerability, exploitable by ordinary users, because the product exposes unrestricted access to the PHP file_get_contents function.
Learn more about our Cms Pen Testing.