CMS Made Simple v2.2.17 – File Upload Remote Code Execution (RCE) (Authenticated)

#Exploit Title: CMS Made Simple v2.2.17 – File Upload Remote Code Execution (Authenticated)

#Date: 25 June 2023

#Exploit Author: Okan Kurtulus

#Vendor Homepage: https://www.cmsmadesimple.org/

#Version: 2.2.17

#Tested on: Ubuntu 18.0.4

#CVE: 2023-36969

#Proof of Concept:

1-) Install the system through the website and log in with any user.

2-) After logging in, click “File Manager” under “Content” from the left menu.

3-) Some file extensions are blocked from uploading. The PHP extension is among them. To bypass this, we change the extension to PHTML.

4-) When we call the shell file, we get a reverse shell.
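The filter described in step 3 blocks named extensions, so an extension it does not name passes. As an added example (not part of the original advisory and not CMS Made Simple's code), the Python below contrasts that deny-list check with an allow-list check and audits a list of upload names; the extension sets, function names and sample file names are assumptions constructed for illustration.

```python
import os

# Assumed values for illustration; not taken from CMS Made Simple.
BLOCKED = {"php"}                                      # weak: deny known-bad
ALLOWED = {"jpg", "jpeg", "png", "gif", "pdf", "txt"}  # hardened: permit known-good


def extensions(filename):
    """Return every dot-separated suffix, lower-cased: 'a.TAR.gz' -> ['tar', 'gz']."""
    # Drop any directory part, surrounding whitespace and trailing dots/spaces
    # so that 'x.phtml. ' is judged the same way as 'x.phtml'.
    base = os.path.basename(filename.replace("\\", "/")).strip().rstrip(". ")
    return [part.lower() for part in base.split(".")[1:]]


def blocklist_allows(filename):
    """Weak check: reject only when the final extension is on the deny list."""
    exts = extensions(filename)
    return not exts or exts[-1] not in BLOCKED


def allowlist_allows(filename):
    """Hardened check: exactly one extension, and it must be on the allow list."""
    exts = extensions(filename)
    # Strict policy: names with no suffix or several suffixes are refused too.
    return len(exts) == 1 and exts[0] in ALLOWED


def audit(filenames):
    """Names the weak filter accepts but the allow list refuses (review these)."""
    return [f for f in filenames if blocklist_allows(f) and not allowlist_allows(f)]


# Constructed sample of upload names (not from the advisory).
SAMPLE = ["logo.png", "report.pdf", "shell.php", "shell.phtml",
          "SHELL.PHTML", "backup.tar.gz", "readme"]

if __name__ == "__main__":
    for name in SAMPLE:
        print(f"{name:15} blocklist={blocklist_allows(name)!s:5} "
              f"allowlist={allowlist_allows(name)}")
    print("needs review:", audit(SAMPLE))
```

An extension check is only one layer: serving the upload directory with script execution disabled means a file that slips past the check is not interpreted by the server.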

When we make a small query, we see that 11950 websites use the relevant application.
