CVE-2026-5203 | CMS Made Simple up to 2.2.22 UserGuide Module XML Import class.UserGuideImporterExporter.php _copyFilesToFolder path traversal

A vulnerability was found in CMS Made Simple up to 2.2.22 and classified as critical. This impacts the function _copyFilesToFolder in the library modules/UserGuide/lib/class.UserGuideImporterExporter.php of the component UserGuide Module XML Import. The manipulation results in path traversal.

This vulnerability is known as CVE-2026-5203. It is possible to launch the attack remotely. Furthermore, an exploit is available.

This issue has been reported early to the project. They confirmed, that “this has already been discovered and fixed for the next release.”VulDB Recent EntriesRead More