
CVSS: 9.8 | EPSS: 16% | CPEs: 1 | EXPL: 3

ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass (!= instead of !==). • http://karmainsecurity.com/KIS-2022-01 http://packetstormsecurity.com/files/166393/ImpressCMS-1.4.2-Authentication-Bypass.html http://seclists.org/fulldisclosure/2022/Mar/43 https://hackerone.com/reports/1081986 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion')

CVSS: 9.8 | EPSS: 3% | CPEs: 1 | EXPL: 1

ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHP_SESSION_UPLOAD_PROGRESS when the PHP installation supports upload_progress. • https://github.com/ImpressCMS/impresscms/commit/a66d7bb499faafab803e24833606028fa0ba4261 https://github.com/ImpressCMS/impresscms/compare/1.4.1...v1.4.2 https://r0.haxors.org/posts?id=8 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

CVSS: 5.4 | EPSS: 0% | CPEs: 1 | EXPL: 1

Cross-site scripting (XSS) in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field. • https://anotepad.com/note/read/s3kkk6h7 https://hackerone.com/reports/1119296 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 4.8 | EPSS: 0% | CPEs: 1 | EXPL: 1

ImpressCMS 1.4.0 is affected by XSS in modules/system/admin.php which may result in arbitrary remote code execution. • https://github.com/ImpressCMS/impresscms/issues/659 https://www.impresscms.org • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVSS: 6.1 | EPSS: 0% | CPEs: 1 | EXPL: 2

ImpressCMS 1.3.10 has XSS via the PATH_INFO to htdocs/install/index.php, htdocs/install/page_langselect.php, or htdocs/install/page_modcheck.php. ImpressCMS version 1.3.10 suffers from multiple cross-site scripting vulnerabilities. • http://packetstormsecurity.com/files/150990/ImpressCMS-1.3.10-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2019/Jan/8 https://www.netsparker.com/web-applications-advisories/ns-18-033-cross-site-scripting-in-impresscms • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')