CVERadar

CVE-2024-39248

High Severity
Fikeulous
SVRS: 53/100

CVSSv3: 5.4/10

EPSS: 0.0016/1

CVE-2024-39248 is a cross-site scripting (XSS) vulnerability found in SimpCMS v0.1. Attackers can exploit this flaw by injecting malicious web scripts or HTML into the Title field at /admin.php, potentially compromising user sessions or defacing the website. With an SVRS of 53, this vulnerability poses a moderate risk that warrants attention. Although the CVSS score is 5.4, the SVRS, incorporating real-world threat intelligence, suggests a potentially higher risk profile than the quantitative CVSS score alone might indicate. Successful exploitation can lead to session hijacking and unauthorized actions performed on behalf of legitimate users. This type of vulnerability is significant because it can be leveraged to steal sensitive information or spread malware to website visitors. Immediate patching or mitigation strategies are advised to safeguard against potential attacks.

In The Wild
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
2025-03-18

2024-07-03
SOCRadar
AI Insight

Description

CVE-2024-39248 is a cross-site scripting (XSS) vulnerability affecting SimpCMS version 0.1. This vulnerability allows attackers to inject malicious JavaScript code into the "Title" field of the /admin.php page. When an administrator views the title, the malicious script executes, potentially allowing attackers to steal credentials, hijack accounts, or perform other malicious actions.

SVRS: 30 indicates that the vulnerability is exploitable but its impact is considered moderate. At this score immediate action is not critical, but proactive mitigation is recommended to prevent potential exploitation.

Key Insights

  • Exploit Availability: The CVE-2024-39248 vulnerability is currently being actively exploited in the wild, meaning attackers are using it to compromise systems.
  • Impact: Successful exploitation of this vulnerability can allow attackers to execute arbitrary code within the context of the victim's browser, potentially leading to data theft, account takeover, or other malicious actions.
  • Affected System: The vulnerability affects SimpCMS v0.1. It's crucial to note that older versions of SimpCMS may also be susceptible to this vulnerability.
  • CWE-79: The CVE-2024-39248 vulnerability is categorized under CWE-79, which specifically addresses Cross-Site Scripting vulnerabilities.

Mitigation Strategies

  • Patching: The most effective mitigation strategy is to upgrade to a patched version of SimpCMS that addresses this vulnerability. This will eliminate the exploit point.
  • Input Validation and Sanitization: Validate and sanitize all user-supplied data, especially the "Title" field of the /admin.php page, and HTML-encode stored values when they are rendered back into the page so that injected markup is displayed as text rather than executed. This prevents malicious scripts from being injected into the webpage.
  • Web Application Firewall (WAF): Deploy a WAF to protect the application by identifying and blocking malicious requests, effectively acting as a security layer between the application and potential attackers.
  • User Education: Educate administrators and users about the importance of being vigilant about potential phishing attacks and to avoid clicking on suspicious links.

Additional Information

For users with additional queries regarding CVE-2024-39248, please use the 'Ask to Analyst' feature, contact SOCRadar directly, or open a support ticket for further information if necessary.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-39248 | SimpCMS 0.1 /admin.php Title cross site scripting (ID 179219)
vuldb.com, 2025-03-21
CVE-2024-39248 | SimpCMS 0.1 /admin.php Title cross site scripting (ID 179219) | A vulnerability classified as problematic was found in SimpCMS 0.1. Affected by this vulnerability is an unknown functionality of the file /admin.php. The manipulation of the argument Title leads to cross site scripting. This vulnerability is known as CVE-2024-39248. The attack can be launched

Social Media

This tool summarized my #cybersecurity LinkedIn 2024 journey 🤔 - Recognized by NCIIPC for responsible vulnerability disclosure - Earned first CVE (CVE-2024-39248) for web security research on SimpCMS - Article ranked #1 on Google for "wordpress pentesting medium" - https://t.co/wmFmIRZY7d
CVE-2024-39248 A cross-site scripting (XSS) vulnerability in SimpCMS v0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field at /admin.php. https://t.co/SKLoto3WGq

Affected Software

Configuration 1

Type  Vendor     Product
App   Fikeulous  simpsms
App   Fikeulous  simpcms

References

Reference          Link
[email protected]  https://github.com/jasonthename/CVE-2024-39248
[email protected]  https://packetstormsecurity.com/files/179219
GITHUB             https://github.com/jasonthename/CVE-2024-39248
GITHUB             https://packetstormsecurity.com/files/179219

CWE Details

CWE ID: CWE-79
CWE Name: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Description: The software does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
