{"id":57230,"date":"2024-06-03T18:49:42","date_gmt":"2024-06-03T15:49:42","guid":{"rendered":"https:\/\/packetstormsecurity.com\/files\/178894\/cmsimple515-shell.txt"},"modified":"2024-06-03T18:49:42","modified_gmt":"2024-06-03T15:49:42","slug":"cmsimple-5-15-remote-shell-upload","status":"publish","type":"post","link":"https:\/\/afaghhosting.net\/blog\/cmsimple-5-15-remote-shell-upload\/","title":{"rendered":"CMSimple 5.15 Remote Shell Upload"},"content":{"rendered":"<pre readability=\"5.5\"><code readability=\"5\"># Exploit Title: CMSimple 5.15 - Remote Command Execution<br># Date: 04\/28\/2024<br># Exploit Author: Ahmet \u00dcmit BAYRAM<br># Vendor Homepage: https:\/\/www.cmsimple.org<br># Software Link: https:\/\/www.cmsimple.org\/downloads_cmsimple50\/CMSimple_5-15.zip<br># Version: latest<br># Tested on: MacOS<p># Log in to SimpleCMS.<br># Go to Settings &gt; CMS<br># Append \",php\" to the end of the Extensions_userfiles field and save it.<br># Navigate to Files &gt; Media<br># Select and upload shell.php<br># Your shell is ready: https:\/\/{url}\/userfiles\/media\/shell.php<\/p><\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p># Exploit Title: CMSimple 5.15 &#8211; Remote Command Execution# Date: 04\/28\/2024# Exploit Author: Ahmet \u00dcmit BAYRAM# Vendor Homepage: https:\/\/www.cmsimple.org# Software Link: https:\/\/www.cmsimple.org\/downloads_cmsimple50\/CMSimple_5-15.zip# Version: latest# Tested on: MacOS# Log in to SimpleCMS.# Go to Settings &gt; CMS# Append &#8220;,php&#8221; to the end of the Extensions_userfiles field and save it.# Navigate to Files &gt; Media# Select and &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[26],"tags":[],"class_list":["post-57230","post","type-post","status-publish","format-standard","hentry","category-vulnerability"],"_links":{"self":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/57230","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/comments?post=57230"}],"version-history":[{"count":0,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/posts\/57230\/revisions"}],"wp:attachment":[{"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/media?parent=57230"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/categories?post=57230"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/afaghhosting.net\/blog\/wp-json\/wp\/v2\/tags?post=57230"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}