Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

3 matches found

BDU FSTEC
BDU FSTECadded 2023/09/07 12:0 a.m.4 views

The vulnerability of the processimage.php component in the ImpressCMS CMS system allows a hacker to execute arbitrary code.

The vulnerability of the processimage.php component in the ImpressCMS CMS system is related to deficiencies in path name restrictions for the catalog. Exploiting this vulnerability allows a malicious actor to execute arbitrary code remotely...

10CVSS8.1AI score0.06453EPSS
Exploits1References5Affected Software1
CNVD
CNVDadded 2022/02/16 12:0 a.m.19 views

Unspecified vulnerability in ImpressCMS

ImpressCMS is a MySQL-based, modular content management system CMS. The system includes modules for press releases, forums, and photo albums. ImpressCMS has a security vulnerability that stems from the fact that impress scms prior to 1.4.2 allows traversal of the origName or imageName directory b...

9.8CVSS2.3AI score0.06453EPSS
Exploits1References1
Prion
Prionadded 2022/02/14 12:15 p.m.11 views

Remote code execution

ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHPSESSIONUPLOADPROGRESS when the PHP installation supports...

7.5CVSS9.8AI score0.06453EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder