Physical Path Leakage Vulnerability in CMS Made Simple (CMSMS) 2.2.7

Physical Path Leakage Vulnerability in CMS Made Simple (CMSMS) 2.2.7

CVE-2018-10523 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

CMS Made Simple (CMSMS) through 2.2.7 contains a physical path leakage Vulnerability via /modules/DesignManager/action.ajax_get_templates.php, /modules/DesignManager/action.ajax_get_stylesheets.php, /modules/FileManager/dunzip.php, or /modules/FileManager/untgz.php.

Learn more about our Physical Security Assessment.