What is CVE-2013-10032?

CVE-2013-10032 is a vulnerability in Getsimple Cms Project, classified under Unrestricted Upload of File with Dangerous Type. Published 2025-07-25.

Is CVE-2013-10032 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Auth bypass in Getsimple Cms Project

CVE-2013-10032

An authenticated remote code execution vulnerability exists in GetSimpleCMS version 3.2.1. The application’s upload.php endpoint allows authenticated users to upload arbitrary files without proper validation of MIME types or extensions. By…

Vulnerability class: Unrestricted File Upload

EPSS: 0.762 (98.9th percentile) — read the EPSS interpretation.

Affected products

Getsimple Cms Project — versions 3.2.1

Weakness classification (CWE)

Public proof-of-concept exploits

rapid7/metasploit-framework

References

raw.githubusercontent.com/rapid7/metasploit-framework/master/modules/exploits/u… (exploit)
www.exploit-db.com/exploits/25405 (exploit)
www.broadcom.com/support/security-center/attacksignatures/detail (third-party-advisory)
www.fortiguard.com/encyclopedia/ips/39295 (third-party-advisory)
get-simple.info (product)
www.vulncheck.com/advisories/getsimple-cms-auth-rce-via-arbitrary-php-file-uplo… (third-party-advisory)

Frequently asked questions

What is CVE-2013-10032?: CVE-2013-10032 is a vulnerability in Getsimple Cms Project, classified under Unrestricted Upload of File with Dangerous Type. Published 2025-07-25.
Is CVE-2013-10032 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.