Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/03/20 7:20 p.m.17 views

CVE-2025-29930

imFAQ is an advanced questions and answers management system for ImpressCMS. Prior to 1.0.1, if the $GET'seoOp' parameter is manipulated to include malicious input e.g., seoOp=php://filter/read=convert.base64-encode/resource=/var/www/html/config.php, the application could allow an attacker to rea...

6.9CVSS6.4AI score0.00355EPSS
Exploits0References1
NVD
NVD
added 2025/03/18 7:15 p.m.14 views

CVE-2025-29930

imFAQ is an advanced questions and answers management system for ImpressCMS. Prior to 1.0.1, if the $GET'seoOp' parameter is manipulated to include malicious input e.g., seoOp=php://filter/read=convert.base64-encode/resource=/var/www/html/config.php, the application could allow an attacker to rea...

6.9CVSS0.00355EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/18 6:53 p.m.24 views

CVE-2025-29930 imFAQ allows local file inclusion in seo.php

imFAQ is an advanced questions and answers management system for ImpressCMS. Prior to 1.0.1, if the $GET'seoOp' parameter is manipulated to include malicious input e.g., seoOp=php://filter/read=convert.base64-encode/resource=/var/www/html/config.php, the application could allow an attacker to rea...

6.9CVSS0.00355EPSS
Exploits0References2
CVE
CVE
added 2025/03/18 6:53 p.m.67 views

CVE-2025-29930

CVE-2025-29930 affects imFAQ (ImpressCMS) prior to version 1.0.1. The root cause is unsanitized GET parameters seoOp and seoArg, which can be manipulated (e.g., seoOp=php://filter/read=convert.base64-encode/resource=/var/www/html/config.php) to trigger a Local File Inclusion (LFI) that could allo...

6.9CVSS6.1AI score0.00355EPSS
Exploits0References2
Rows per page
Query Builder