1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: GetSimpleCMS PHP File Upload

Web Attack: GetSimpleCMS PHP File Upload

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts of leveraging a file upload vulnerability in GetSimple CMS which could lead to system compromise.

Additional Information

A file upload vulnerability exists in GetSimple CMS. By abusing the upload.php file, a malicious authenticated user can upload an arbitrary file, including PHP code, which results in arbitrary code execution.

Affected

  • GetSimpleCMS Version 3.2.1
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube