Key Information Summary

Key information about the vulnerability obtained from the screenshot is as follows:

Vulnerability Description:
- Issue Description: The CMS Made Simple web application allows administrators to download a checksum file used to verify system integrity.
- Affected Version: This issue has been verified on CMS Made Simple V 2.2.7 (latest version); earlier versions may also be affected.
- Risk: Attackers can exploit this feature to verify the installed application version or perform fingerprinting by probing known files and directories. In a default installation, attackers can compare the MD5 hash of known executable files with the downloaded checksum file to determine whether these binary files exist.

Reproduction Steps:
- Log in to Admin Panel: Log in to the admin panel via the URL or navigate to "Site Management" > "System Verification" > "Run Verification".
- Download and Upload Checksum File: Download the checksum file and upload a modified version. The file contains entries for probing files or directories, such as .
- Checksum Calculation Formula: The checksum on the left is calculated using specific PHP code. For example, the MD5 values of and are combined with a salt and then hashed again using MD5 to generate the checksum.
- Response Content:
  - By comparing different requests and responses, analyze the results for probing existing or non-existing files/directories.
  - Example: If a file or directory exists, the response is "all checksums match"; if not, the response is "1 files not found".

Exploitation Method:
- Attackers can brute-force known files and directories by comparing the MD5 hash of binary files (e.g., ) with the contents of the checksum file to detect whether these files exist, potentially enabling further attacks.

Additional Information:
- Checksum Calculation: Specific MD5 checksum calculation formula is provided, based on CMS system files and combined with a salt to generate checksum values.
- Example Checksum Calculation: The example shows that corresponds to the checksum value for .
- Binary File Verification: By comparing the calculated MD5 checksum with the checksum file, the existence of binary files can be verified. For example, the example returns a correct response, indicating the file exists in the system.

The above information summarizes the exploitation scenario and verification methods, providing valuable reference for security professionals to identify and defend against such attacks.
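
One way to close the existence oracle described above is to verify only entries that belong to a trusted release manifest and to return a result that does not distinguish a missing file from a mismatched one. The sketch below is an added example, not CMS Made Simple code. The line format, the `SEP` separator, the function names, the `trusted_paths` set and the `check_entry` callback are all assumptions made for illustration.

```python
import posixpath
import string

SEP = " : "  # assumed separator between checksum and path; placeholder, not from the page


def normalize(rel_path):
    """Return the path normalized relative to the install root, or None if it escapes it."""
    if not rel_path or rel_path.startswith("/") or "\\" in rel_path or "\x00" in rel_path:
        return None
    norm = posixpath.normpath(rel_path)
    if norm in (".", "..") or norm.startswith("../"):
        return None
    return norm


def filter_manifest(uploaded_text, trusted_paths):
    """Split uploaded entries into (accepted, rejected) without touching the filesystem."""
    accepted, rejected = [], []
    for raw in uploaded_text.splitlines():
        line = raw.strip()
        if not line:
            continue
        checksum, sep, path = line.partition(SEP)
        checksum = checksum.strip().lower()
        norm = normalize(path.strip()) if sep else None
        well_formed = len(checksum) == 32 and all(c in string.hexdigits for c in checksum)
        if well_formed and norm in trusted_paths:
            accepted.append((checksum, norm))
        else:
            rejected.append(line)  # never checked on disk, so it reveals nothing
    return accepted, rejected


def verify(uploaded_text, trusted_paths, check_entry):
    """Check accepted entries only; one failure count covers both missing and mismatched files."""
    accepted, rejected = filter_manifest(uploaded_text, trusted_paths)
    failed = sum(1 for checksum, path in accepted if not check_entry(checksum, path))
    if failed == 0 and not rejected:
        message = "all checksums match"
    else:
        message = f"{failed} entries failed verification, {len(rejected)} ignored"
    return {"failed": failed, "ignored": len(rejected), "message": message}


# Constructed sample data: one shipped file and two entries pointing outside the install root.
TRUSTED = {"index.php", "lib/example.php"}
SAMPLE = ("0123456789abcdef0123456789abcdef : index.php\n"
          "0123456789abcdef0123456789abcdef : ../../outside/example\n"
          "0123456789abcdef0123456789abcdef : /outside/example\n")
```

Because rejected entries are counted from the uploaded input alone, the response for a path outside the manifest is the same whether or not that path exists on the server.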