A vulnerability has been found in codelyfe Stupid Simple CMS up to 1.2.4 and classified as critical. This vulnerability affects unknown code of the file /file-manager/upload.php. The manipulation of the argument file leads to unrestricted upload.
This vulnerability was named CVE-2023-6902. Access to the local network is required for this attack. Furthermore, there is an exploit available.