h4ckr4v3n/gist:afbb87b5a05f283dbee705709c2769eb

## gistfile1.txt
I've discovered several high and critical vulnerabilities in CMSimple 5.16 leading to RCE:

CVE-2024-57546 - An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function.
CVE-2024-57547 - Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the Functionality of downloading php backup files.
CVE-2024-57548 - CMSimple 5.16 allows the user to edit log.php file via print page.
CVE-2024-57549 - CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in the file parameter of a GET request.

Original research: https://github.com/h4ckr4v3n/cmsimple5.16_research
	I've discovered several high and critical vulnerabilities in CMSimple 5.16 leading to RCE:

	CVE-2024-57546 - An issue in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the validate link function.
	CVE-2024-57547 - Insecure Permissions vulnerability in CMSimple v.5.16 allows a remote attacker to obtain sensitive information via a crafted script to the Functionality of downloading php backup files.
	CVE-2024-57548 - CMSimple 5.16 allows the user to edit log.php file via print page.
	CVE-2024-57549 - CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in the file parameter of a GET request.

	Original research: https://github.com/h4ckr4v3n/cmsimple5.16_research