CMS Made Simple Exploit Explained [CVE-2020-10682 | CVSS 6.8]
CMS Made Simple is a content management system that uses a mysql database. It can help you build small sites and semi-static websites. This paper illustrates the exploitation of mysql service running on a machine, which is running a web application based on CMS Made Simple.
- Understanding the important key terms used throughout the paper
- Understanding how the exploitation works
- Scope of impact and severity of the vulnerability
- Mitigations to prevent such attacks
- Setting up a virtual environment to perform the exploit demonstration