Vulnerability Details CVE-2017-16798
In CMS Made Simple 2.2.3.1, the is_file_acceptable function in modules/FileManager/action.upload.php only blocks file extensions that begin or end with a "php" substring, which allows remote attackers to bypass intended access restrictions or trigger XSS via other extensions, as demonstrated by .phtml, .pht, .html, or .svg.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 50.3%
CVSS Severity
CVSS v3 Score 5.4
CVSS v2 Score 3.5
References
Products affected by CVE-2017-16798
-
cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2.3.1