CVE-2025-63678 – CMS Made Simple Foundation File Manager Remote Code Execution

CVE ID : CVE-2025-63678

Published : Nov. 10, 2025, 11:15 p.m. | 15 minutes ago

Description : An authenticated arbitrary file upload vulnerability in the /uploads/ endpoint of CMS Made Simple Foundation File Manager v2.2.22 allows attackers with Administrator privileges to execute arbitrary code via uploading a crafted PHP file.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…