Description
A vulnerability was found in CMS Made Simple up to 2.2.22. This impacts the function _copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserGuide Module XML Import. The manipulation results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used. This issue has been reported early to the project. They confirmed that "this has already been discovered and fixed for the next release."
Published: 2026-03-31
Score: 5.1 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Path Traversal
Action: Immediate Patch
AI Analysis

Impact

The function _copyFilesToFolder in modules/UserGuide/lib/class.UserGuideImporterExporter.php, used by the UserGuide module's XML import, does not sufficiently constrain the file paths it takes from the import data (CWE-22). An attacker who can submit an import can include traversal sequences in those paths so that the server copies files to locations outside the intended destination directory. Because the affected operation is a file copy, the practical outcome is writing attacker-supplied content at an attacker-chosen path; if the web server user can write under the web root, that can mean placing a PHP file and executing code as that user, while on installations where the writable locations are tightly restricted the damage is limited to the files that user can reach. The assigned CVSS vectors rate the confidentiality, integrity and availability impact as low, consistent with a partial rather than a full compromise.

Affected Systems

CMS Made Simple up to and including 2.2.22 is affected (the CPE recorded below carries a wildcard version, so no lower bound is stated). The vulnerable code is the UserGuide module at modules/UserGuide/lib/class.UserGuideImporterExporter.php. The project has confirmed that the issue was already discovered and fixed for the next release; no released version containing the fix is identified on this page, so treat every 2.2.x installation as affected until a release note confirms the fix.

Risk and Exploitability

The CVSS v4.0 base score is 5.1 (medium); the v3.1 score is 4.7. All vectors are network-reachable with low attack complexity, but they require high privileges (PR:H in v3.x and v4.0, Au:M in v2.0): the XML import is an admin-side function, so the attacker must already hold an account that is allowed to run the UserGuide import. A proof of concept is public (E:P; SSVC Exploitation: poc), EPSS is below 1%, the issue is not in the CISA KEV catalog, and SSVC rates it as not automatable with partial technical impact. Exploitation consists of submitting an XML import whose file entries carry traversal sequences, causing the server to write those files at attacker-chosen paths. The risk to an installation is therefore driven by how many accounts hold the import permission and by where the web server user is allowed to write; until the fix is applied, an exposed backend with loosely controlled admin accounts should be treated as at risk.
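To make the flaw class concrete, here is an added example in PHP (not code from CMS Made Simple, and not a reproduction of the actual _copyFilesToFolder implementation): a generic "copy imported files into a folder" routine in the traversal-prone form the description implies, next to a hardened form. The function names copyFilesToFolderUnsafe and copyFilesToFolderSafe, the manifest and the temporary directory layout are constructed for the demo; it assumes PHP 8.0 or later for str_contains and str_starts_with.

```php
<?php
declare(strict_types=1);
// Added illustration, not CMS Made Simple code. Function names, the manifest
// and the directory layout below are constructed for this demo.

/**
 * Traversal-prone variant: the destination path is built by concatenating an
 * attacker-controlled relative name from the import data onto $destDir.
 */
function copyFilesToFolderUnsafe(string $destDir, array $entries): array
{
    $written = [];
    foreach ($entries as $relName => $content) {
        $target = $destDir . '/' . $relName;       // "../../evil.php" walks out of $destDir
        @mkdir(dirname($target), 0750, true);
        file_put_contents($target, $content);
        $written[] = realpath($target) ?: $target;
    }
    return $written;
}

/**
 * Hardened variant. Phase 1 validates every name lexically (no absolute paths,
 * no NUL bytes, no "." or ".." segments) before anything touches disk, so a bad
 * manifest is rejected as a whole. Phase 2 re-checks with realpath() that the
 * resolved parent is still inside the destination, which also catches an
 * existing subdirectory that is a symlink pointing elsewhere.
 */
function copyFilesToFolderSafe(string $destDir, array $entries): array
{
    $base = realpath($destDir);
    if ($base === false || !is_dir($base)) {
        throw new RuntimeException("destination does not exist: $destDir");
    }
    $plan = [];
    foreach ($entries as $relName => $content) {
        $relName = (string) $relName;
        if ($relName === '' || str_contains($relName, "\0")
            || preg_match('#^(?:[A-Za-z]:)?[\\\\/]#', $relName)) {
            throw new InvalidArgumentException("rejected entry: $relName");
        }
        $parts = preg_split('#[\\\\/]+#', $relName);
        foreach ($parts as $p) {
            if ($p === '' || $p === '.' || $p === '..') {
                throw new InvalidArgumentException("rejected entry: $relName");
            }
        }
        $plan[] = [$base . '/' . implode('/', $parts), $content];
    }
    $written = [];
    foreach ($plan as [$target, $content]) {
        @mkdir(dirname($target), 0750, true);
        $parent = realpath(dirname($target));
        if ($parent === false
            || ($parent !== $base && !str_starts_with($parent, $base . '/'))) {
            throw new RuntimeException("path escapes destination: $target");
        }
        file_put_contents($target, $content);
        $written[] = $target;
    }
    return $written;
}

// Demo: $root/import/site is the intended folder; the traversal entry aims at $root.
$root = sys_get_temp_dir() . '/ug_demo_' . bin2hex(random_bytes(4));
$dest = $root . '/import/site';
mkdir($dest, 0750, true);

$manifest = [                                    // constructed import manifest
    'images/logo.png' => 'PNG...',
    '../../evil.php'  => '<?php system($_GET["c"]); ?>',
];

foreach (['copyFilesToFolderUnsafe', 'copyFilesToFolderSafe'] as $fn) {
    try {
        echo "$fn wrote:\n  " . implode("\n  ", $fn($dest, $manifest)) . "\n";
    } catch (Throwable $e) {
        echo "$fn refused: " . $e->getMessage() . "\n";
    }
    $escaped = file_exists("$root/evil.php");
    echo "  evil.php landed outside the destination: " . ($escaped ? 'yes' : 'no') . "\n";
    @unlink("$root/evil.php");
}
```

Run it with `php example.php`: the unsafe routine reports that evil.php landed in $root, two levels above the intended folder, while the hardened routine rejects the whole manifest before writing anything. The lexical check is what stops the traversal; the realpath() containment check is a second line of defence for symlinks and for names that survive a weaker filter.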

Generated by OpenCVE AI on March 31, 2026 at 17:23 UTC.

Remediation

No fixed release or vendor workaround was available when this entry was published. The project has confirmed that the issue is fixed for the next release after 2.2.22; apply it as soon as it is published.

OpenCVE Recommended Actions

  • Update CMS Made Simple to the first release after 2.2.22 once the project publishes it; the project has confirmed that release carries the fix
  • Until then, limit which accounts can run the UserGuide XML import, and disable the module or the import feature if it is not required
  • Run the web server as an unprivileged user and make the web root read-only to it except for the directories that genuinely need to be writable, so a traversed copy cannot land a PHP file where it would execute
  • Monitor web server logs for import requests containing traversal sequences (../ and URL-encoded variants) and watch for unexpected new files, especially .php, appearing outside the UserGuide module's directories


Advisories

No advisories yet.

History

Tue, 31 Mar 2026 18:15:00 +0000

Type      Values Removed   Values Added
Metrics                    ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'poc', 'Technical Impact': 'partial'}, 'version': '2.0.3'}


Tue, 31 Mar 2026 16:00:00 +0000

Type                  Values Removed   Values Added
Description                            A vulnerability was found in CMS Made Simple up to 2.2.22. This impacts the function _copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserGuide Module XML Import. The manipulation results in path traversal. It is possible to launch the attack remotely. The exploit has been made public and could be used. This issue has been reported early to the project. They confirmed, that "this has already been discovered and fixed for the next release."
Title                                  CMS Made Simple UserGuide Module XML Import class.UserGuideImporterExporter.php _copyFilesToFolder path traversal
First Time appeared                    Cms Made Simple; Cms Made Simple cms Made Simple
Weaknesses                             CWE-22
CPEs                                   cpe:2.3:a:cms_made_simple:cms_made_simple:*:*:*:*:*:*:*:*
Vendors & Products                     Cms Made Simple; Cms Made Simple cms Made Simple
References                             (none)
Metrics                                cvssV2_0: {'score': 5.8, 'vector': 'AV:N/AC:L/Au:M/C:P/I:P/A:P/E:POC/RL:ND/RC:UR'}
                                       cvssV3_0: {'score': 4.7, 'vector': 'CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
                                       cvssV3_1: {'score': 4.7, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L/E:P/RL:X/RC:R'}
                                       cvssV4_0: {'score': 5.1, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P'}


MITRE

Status: PUBLISHED

Assigner: VulDB

Published:

Updated: 2026-03-31T17:35:35.625Z

Reserved: 2026-03-31T08:40:14.589Z

Link: CVE-2026-5203

Vulnrichment

Updated: 2026-03-31T17:35:31.428Z

NVD

Status : Awaiting Analysis

Published: 2026-03-31T16:16:35.723

Modified: 2026-04-01T14:24:02.583

Link: CVE-2026-5203

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-03-31T20:38:00Z

Weaknesses