Lucene search

K
cve[email protected]CVE-2011-4932
HistoryOct 03, 2022 - 4:15 p.m.

CVE-2011-4932

2022-10-0316:15:13
CWE-94
web.nvd.nist.gov
20
cve-2011-4932
eval injection
ip_cms
impresspages cms
content management
remote code execution

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.2

Confidence

Low

EPSS

0.132

Percentile

95.6%

Eval injection vulnerability in ip_cms/modules/standard/content_management/actions.php in ImpressPages CMS 1.0.12 and possibly other versons before 1.0.13 allows remote attackers to execute arbitrary code via the cm_group parameter.

Affected configurations

NVD
Node
impresspagesimpresspages_cmsMatch1.0.12
VendorProductVersionCPE
impresspagesimpresspages_cms1.0.12cpe:/a:impresspages:impresspages_cms:1.0.12:::

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

8.2

Confidence

Low

EPSS

0.132

Percentile

95.6%

Related for CVE-2011-4932