2 matches found
ImpressCMS Directory Traversal (CVE-2022-24977)
A directory traversal vulnerability exists in ImpressCMS. Successful exploitation of this vulnerability could allow an attacker to access arbitrary files on the affected system...
CVE-2022-24977
ImpressCMS has a directory traversal vulnerability (CVE-2022-24977) affecting versions before 1.4.2. The flaw allows unauthenticated remote code execution by traversing origName or imageName, triggering unsafe interaction with CKEditor processImage.php. In PHP environments that support upload_pro...