|
|
|||
| Rule General Information |
|---|
| Release Date: | 2019-11-29 | |
| Rule Name: | CMS Made Simple (CMSMS) Showtime2 File Upload Vulnerability (CVE-2019-9692) | |
| Severity: | Medium | |
| CVE ID: | CVE-2019-9692 | |
| Rule Protection Details |
|---|
| Description: | class.showtime2_image.php in CMS Made Simple (CMSMS) before 2.2.10 does not ensure that a watermark file has a standard image file extension (GIF, JPG, JPEG, or PNG). | |
| Impact: | An attacker could exploit this vulnerability to have unspecified effect. | |
| Affected OS: | Windows, Others | |
| Reference: | ExploitDB:46627 ExploitDB:46546 ExploitDB:46627 http://www.rapid7.com/db/modules/exploit/multi/ |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: https://forum.cmsmadesimple.org/viewtopic.php?f=1&t;=80285 |