CVSS: 9.8EPSS: 16%CPEs: 1EXPL: 3CVE-2021-26600 – ImpressCMS 1.4.2 Authentication Bypass
https://notcve.org/view.php?id=CVE-2021-26600
ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass (!= instead of !==). ImpressCMS versiones anteriores a 1.4.3, presenta una confusión de tipo en el archivo plugins/preloads/autologin.php con la consiguiente Omisión de Autenticación (!= en lugar de ! • http://karmainsecurity.com/KIS-2022-01 http://packetstormsecurity.com/files/166393/ImpressCMS-1.4.2-Authentication-Bypass.html http://seclists.org/fulldisclosure/2022/Mar/43 https://hackerone.com/reports/1081986 • CWE-843: Access of Resource Using Incompatible Type ('Type Confusion') •
CVSS: 9.8EPSS: 3%CPEs: 1EXPL: 1CVE-2022-24977
https://notcve.org/view.php?id=CVE-2022-24977
ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHP_SESSION_UPLOAD_PROGRESS when the PHP installation supports upload_progress. ImpressCMS versiones anteriores a 1.4.2, permite una ejecución de código remota no autenticado por medio de .....// salto de directorio en origName or imageName, conllevando a una interacción no segura con el script CKEditor processImage.php. La carga útil puede ser colocada en PHP_SESSION_UPLOAD_PROGRESS cuando la instalación de PHP soporta upload_progress • https://github.com/ImpressCMS/impresscms/commit/a66d7bb499faafab803e24833606028fa0ba4261 https://github.com/ImpressCMS/impresscms/compare/1.4.1...v1.4.2 https://r0.haxors.org/posts?id=8 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 6.4EPSS: 23%CPEs: 1EXPL: 2CVE-2014-1836 – ImpressCMS 1.3.5 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2014-1836
Absolute path traversal vulnerability in htdocs/libraries/image-editor/image-edit.php in ImpressCMS before 1.3.6 allows remote attackers to delete arbitrary files via a full pathname in the image_path parameter in a cancel action. Vulnerabilidad de salto de ruta absoluta en htdocs/libraries/image-editor/image-edit.php en ImpressCMS anterior a 1.3.6 permite a atacantes remotos eliminar ficheros arbitrarios a través de un nombre de ruta completo en el parámetro image_path en una acción de cancelar. ImpressCMS version 1.3.5 suffers from arbitrary file deletion and cross site scripting vulnerabilities. • https://www.exploit-db.com/exploits/31431 http://community.impresscms.org/modules/smartsection/item.php?itemid=675 http://osvdb.org/show/osvdb/102770 http://seclists.org/fulldisclosure/2014/Feb/14 http://www.securityfocus.com/bid/65279 https://github.com/pedrib/PoC/blob/master/generic/impresscms-1.3.5.txt • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 4.3EPSS: 0%CPEs: 35EXPL: 1CVE-2010-4616
https://notcve.org/view.php?id=CVE-2010-4616
Cross-site scripting (XSS) vulnerability in modules/content/admin/content.php in ImpressCMS 1.2.3 Final, and possibly other versions before 1.2.4, allows remote attackers to inject arbitrary web script or HTML via the quicksearch_ContentContent parameter. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en modules/content/admin/content.php en ImpressCMS v1.2.3 Final, y probablemente otras versiones previas a v1.2.4, permite a atacantes remotos inyectar secuencias de comandos web o HTML de su elección a través del parámetro quicksearch_ContentContent. • http://community.impresscms.org/modules/smartsection/item.php?itemid=525 http://secunia.com/advisories/42695 http://www.htbridge.ch/advisory/xss_vulnerability_in_impresscms.html http://www.securityfocus.com/archive/1/515397/100/0/threaded • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 33EXPL: 0CVE-2010-4271
https://notcve.org/view.php?id=CVE-2010-4271
SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. Vulnerabilidad de inyección SQL en ImpressCMS anterior a v1.2.3 RC2, permite a atacantes remotos ejecutar comandos SQL de su elección mediante vectores desconocidos. • http://osvdb.org/69082 http://secunia.com/advisories/42160 http://www.impresscms.org/content.php?page=ImpressCMS_1.2.3 http://www.securityfocus.com/bid/44745 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •