5 matches found
EUVD-2025-6698
Malicious code in bioql PyPI...
CVE-2025-29930 imFAQ allows local file inclusion in seo.php
imFAQ is an advanced questions and answers management system for ImpressCMS. Prior to 1.0.1, if the $GET'seoOp' parameter is manipulated to include malicious input e.g., seoOp=php://filter/read=convert.base64-encode/resource=/var/www/html/config.php, the application could allow an attacker to rea...
CVE-2025-29930
CVE-2025-29930 affects imFAQ (ImpressCMS) prior to version 1.0.1. The root cause is unsanitized GET parameters seoOp and seoArg, which can be manipulated (e.g., seoOp=php://filter/read=convert.base64-encode/resource=/var/www/html/config.php) to trigger a Local File Inclusion (LFI) that could allo...
CVE-2025-29930 imFAQ allows local file inclusion in seo.php
imFAQ is an advanced questions and answers management system for ImpressCMS. Prior to 1.0.1, if the $GET'seoOp' parameter is manipulated to include malicious input e.g., seoOp=php://filter/read=convert.base64-encode/resource=/var/www/html/config.php, the application could allow an attacker to rea...
imFAQ 安全漏洞
imFAQ is an advanced question and answer management system for ImpressCMS websites open-sourced by Impress Modules. A security vulnerability exists in versions prior to imFAQ 1.0.1 that stems from seoOp parameters that are not cleaned or validated, which could lead to a local file inclusion that...