Home / os / winmobile

GetSimpleCMS 3.3.15 Remote Code Execution

Posted on 17 May 2019

This Metasploit module exploits a remote code execution vulnerability found in GetSimpleCMS versions 3.3.15 and below. An arbitrary file upload (PHPcode for example) vulnerability can be triggered by an authenticated user, however authentication can be bypassed by leaking the cms API key to target the session manager.

 

TOP

Malware :

Exploits :