CMS Made Simple Exploit Explained [CVE-2020-10682 | CVSS 6.8]

CMS Made Simple is a content management system that uses a mysql database. It can help you build small sites and semi-static websites. This paper illustrates the exploitation of mysql service running on a machine, which is running a web application based on CMS Made Simple.

Key Pointers:

• Understanding the important key terms used throughout the paper
• Understanding how the exploitation works
• Scope of impact and severity of the vulnerability
• Mitigations to prevent such attacks
• Setting up a virtual environment to perform the exploit demonstration