CMS Made Simple (CMSMS) Showtime2 File Upload Remote Command Execution

Posted by deepcore on March 28, 2019 – 11:05 pm

This Metasploit module exploits a file upload vulnerability that allows for remote command execution in Showtime2 module versions 3.6.2 and below in CMS Made Simple (CMSMS). An authenticated user with “Use Showtime2” privilege could exploit the vulnerability. The vulnerability exists in the Showtime2 module, where the class “class.showtime2_image.php” does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG). Tested on Showtime2 3.6.2, 3.6.1, 3.6.0, 3.5.4, 3.5.3, 3.5.2, 3.5.1, 3.5.0, 3.4.5, 3.4.3, 3.4.2 on CMS Made Simple (CMSMS) 2.2.9.1.

This post is under “exploit” and has no respond so far.
If you enjoy this article, make sure you subscribe to my RSS Feed.

Post a reply

You must be logged in to post a comment.

« [dos] Microsoft Visio 2016 16.0.4738.1000 – 'Log in accounts' Denial of Service Oracle Weblogic Server Deserialization Remote Code Execution »

:: Deepquest ::

This site contains information which could be considered illegal in some countries. It is provided here for educational use only and is not intended to be used for illegal activities.

CMS Made Simple (CMSMS) Showtime2 File Upload Remote Command Execution

Post a reply

Tabs Switcher

Categories

Archives

Meta

BLOGROLL