MidnightBSD

Advisories for impresscms

CVE-2010-4271 HIGH

SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
impresscms impresscms 1.1.3
impresscms impresscms *
impresscms impresscms 1.0
impresscms impresscms 1.2
impresscms impresscms 1.1.2
impresscms impresscms 1.1
impresscms impresscms 1.1.1
impresscms impresscms 1.2.3
impresscms impresscms 1.2.1
CVE-2010-4616 MEDIUM

Cross-site scripting (XSS) vulnerability in modules/content/admin/content.php in ImpressCMS 1.2.3 Final, and possibly other versions before 1.2.4, allows remote attackers to inject arbitrary web script or HTML via the quicksearch_ContentContent parameter.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
impresscms impresscms 1.1.3
impresscms impresscms *
impresscms impresscms 1.0
impresscms impresscms 1.2
impresscms impresscms 1.1.2
impresscms impresscms 1.1
impresscms impresscms 1.1.1
impresscms impresscms 1.2.3
impresscms impresscms 1.2.1
CVE-2014-1836 MEDIUM

Absolute path traversal vulnerability in htdocs/libraries/image-editor/image-edit.php in ImpressCMS before 1.3.6 allows remote attackers to delete arbitrary files via a full pathname in the image_path parameter in a cancel action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
impresscms impresscms *
CVE-2014-4036 MEDIUM

Cross-site scripting (XSS) vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
impresscms impresscms 1.3.6.1
CVE-2018-13983 MEDIUM

ImpressCMS 1.3.10 has XSS via the PATH_INFO to htdocs/install/index.php, htdocs/install/page_langselect.php, or htdocs/install/page_modcheck.php.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
impresscms impresscms 1.3.10
CVE-2020-17551 LOW

ImpressCMS 1.4.0 is affected by XSS in modules/system/admin.php which may result in arbitrary remote code execution.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 4.8 MEDIUM CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N 1.7 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
impresscms impresscms 1.4.0
CVE-2021-26598 MEDIUM

ImpressCMS before 1.4.3 has Incorrect Access Control because include/findusers.php allows access by unauthenticated attackers (who are, by design, able to have a security token).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.3 MEDIUM CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N 3.9 1.4

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-287,

Products Affected

Vendor Product Version
impresscms impresscms *
CVE-2021-26599 HIGH

ImpressCMS before 1.4.3 allows include/findusers.php groups SQL Injection.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
impresscms impresscms *
CVE-2021-26600 HIGH

ImpressCMS before 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass (!= instead of !==).

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-843,

Products Affected

Vendor Product Version
impresscms impresscms *
CVE-2021-26601 MEDIUM

ImpressCMS before 1.4.3 allows libraries/image-editor/image-edit.php image_temp Directory Traversal.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 8.1 HIGH CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H 2.8 5.2

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-22,

Products Affected

Vendor Product Version
impresscms impresscms *
CVE-2021-28088 LOW

Cross-site scripting (XSS) in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote attackers to inject arbitrary web script or HTML parameters through the "Display Name" field.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-79,

Products Affected

Vendor Product Version
impresscms impresscms 1.4.2
CVE-2022-24977 HIGH

ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHP_SESSION_UPLOAD_PROGRESS when the PHP installation supports upload_progress.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-22,

Products Affected

Vendor Product Version
impresscms impresscms *
CVE-2022-26986 HIGH

SQL Injection in ImpressCMS 1.4.3 and earlier allows remote attackers to inject into the code in unintended way, this allows an attacker to read and modify the sensitive information from the database used by the application. If misconfigured, an attacker can even upload a malicious web shell to compromise the entire system.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 7.2 HIGH CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H 1.2 5.9

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
impresscms impresscms *
CVE-2022-50912

ImpressCMS 1.4.4 contains a file upload vulnerability with weak extension sanitization that allows attackers to upload potentially malicious files. Attackers can bypass file upload restrictions by using alternative file extensions .php2.php6.php7.phps.pht to execute arbitrary PHP code on the server.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
disclosure@vulncheck.com 9.8 CRITICAL CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H 3.9 5.9

Products Affected

Vendor Product Version
impresscms impresscms 1.4.4
CVE-2023-37785

A cross-site scripting (XSS) vulnerability in ImpressCMS v1.4.5 and before allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the smile_code parameter of the component /editprofile.php.

Products Affected

Vendor Product Version
impresscms impresscms *