Vulnerabilities
CVE-2021-47736 - CMSimple_XH 1.7.4 Authenticated Remote Code Execution via Content Editing
CVE ID : CVE-2021-47736 Published : Dec. 23, 2025, 8:15 p.m. | 32 minutes ago Description : CMSimple_XH 1.7.4 contains an authenticated remote code execution vulnerability in the content editing functionality that allows administrative users to upload malicious PHP files. Attackers with valid credentials can exploit the CSRF token mechanism to create a PHP shell file that enables arbitrary command execution on the server. Severity: 8.8 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and more...
CVE Details
Affected Product:
PHP
Impact:
remote code execution
Source: Telegram CVE Monitor