CMSimple 5.15 Remote Shell Upload

# Exploit Title: CMSimple 5.15 - Remote Command Execution# Date: 04/28/2024# Exploit Author: Ahmet Ümit BAYRAM# Vendor Homepage: https://www.cmsimple.org# Software Link: https://www.cmsimple.org/downloads_cmsimple50/CMSimple_5-15.zip# Version: latest# Tested on: MacOS# Log in to SimpleCMS.# Go to Settings > CMS# Append ",php" to the end of the Extensions_userfiles field and save it.# Navigate to Files > Media# Select and upload shell.php# Your shell is ready: https://{url}/userfiles/media/shell.php