EUVD-2010-4244

Malware in sbrugna...

EUVD-2021-0623

Malware in sbrugna...

EUVD-2022-3868

Malicious code in bioql PyPI...

EUVD-2022-1471

Malicious code in bioql PyPI...

CVE-2021-28088

Cross-site scripting XSS in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field...

CVE-2021-26600

ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass != instead of !==...

CVE-2020-17551

ImpressCMS 1.4.0 is affected by XSS in modules/system/admin.php which may result in arbitrary remote code execution...

CVE-2014-4036

Cross-site scripting XSS vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action...

PT-2022-9761 · Unknown · Impresscms

Name of the Vulnerable Software and Affected Versions: ImpressCMS versions prior to 1.4.3 Description: The issue allows for SQL Injection in the include/findusers.php groups. There is a remote code execution exploit. Recommendations: For versions prior to 1.4.3, update to version 1.4.3 or later t...

ImpressCMS SQL注入漏洞

ImpressCMS is a MySQL-based, modular content management system CMS. The system includes modules for press releases, forums, and photo albums. ImpressCMS is vulnerable to a SQL injection vulnerability that stems from insufficient cleaning of user data passed in the groupps parameter of the...

CVE-2012-0987

ImpressCMS vulnerability CVE-2012-0987 is a directory traversal flaw in edituser.php. Affected products: ImpressCMS 1.2.x prior to 1.2.7 Final and 1.3.x prior to 1.3.1 Final. Root cause: icmsConfigPlugins[sanitizer_plugins][] parameter can be manipulated to include arbitrary local files via direc...