Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

2 matches found

CNVD
CNVDadded 2022/02/16 12:0 a.m.18 views

Unspecified vulnerability in ImpressCMS

ImpressCMS is a MySQL-based, modular content management system CMS. The system includes modules for press releases, forums, and photo albums. ImpressCMS has a security vulnerability that stems from the fact that impress scms prior to 1.4.2 allows traversal of the origName or imageName directory b...

9.8CVSS2.3AI score0.28066EPSS
Exploits1References1
Prion
Prionadded 2022/02/14 12:15 p.m.10 views

Remote code execution

ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHPSESSIONUPLOADPROGRESS when the PHP installation supports...

7.5CVSS9.8AI score0.28066EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder