{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-16T01:52:24.193","vulnerabilities":[{"cve":{"id":"CVE-2018-1000094","sourceIdentifier":"cve@mitre.org","published":"2018-03-13T01:29:00.810","lastModified":"2024-11-21T03:39:37.973","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"CMS Made Simple version 2.2.5 contains a Remote Code Execution vulnerability in File Manager that can result in Allows an authenticated admin that has access to the file manager to execute code on the server. This attack appear to be exploitable via File upload -> copy to any extension."},{"lang":"es","value":"CMS Made Simple 2.2.5 contiene una vulnerabilidad de ejecución remota de código en File Manager que podría permitir que un administrador autenticado con acceso al gestor de archivos ejecute código en el servidor. El ataque parece ser explotable mediante File upload -> copy a cualquier extensión."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H","baseScore":7.2,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.2,"impactScore":5.9}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:L/Au:S/C:P/I:P/A:P","baseScore":6.5,"accessVector":"NETWORK","accessComplexity":"LOW","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":8.0,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-434"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:cmsmadesimple:cms_made_simple:2.2.5:*:*:*:*:*:*:*","matchCriteriaId":"FB7ED7E9-D2F9-416D-B33C-C6113C1E331E"}]}]}],"references":[{"url":"http://dev.cmsmadesimple.org/bug/view/11741","source":"cve@mitre.org","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"https://www.exploit-db.com/exploits/44976/","source":"cve@mitre.org","tags":["Exploit","Third Party Advisory","VDB Entry"]},{"url":"http://dev.cmsmadesimple.org/bug/view/11741","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Issue Tracking","Vendor Advisory"]},{"url":"https://www.exploit-db.com/exploits/44976/","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Exploit","Third Party Advisory","VDB Entry"]}]}}]}