Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
impresscms impresscms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2021-26599
ImpressCMS prior to 1.4.3 allows include/findusers.php groups SQL Injection.
Impresscms Impresscms
5.5
CVSSv2
CVE-2021-26601
ImpressCMS prior to 1.4.3 allows libraries/image-editor/image-edit.php image_temp Directory Traversal.
Impresscms Impresscms
7.5
CVSSv2
CVE-2022-24977
ImpressCMS prior to 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHP_SESSION_UPLOAD_PROGRESS when the PHP install...
Impresscms Impresscms
3.5
CVSSv2
CVE-2020-17551
ImpressCMS 1.4.0 is affected by XSS in modules/system/admin.php which may result in arbitrary remote code execution.
Impresscms Impresscms 1.4.0
10
CVSSv2
CVE-2008-3453
Multiple unspecified vulnerabilities in ImpressCMS 1.0 have unknown impact and attack vectors, related to modules/admin.php and "a few files."
Impresscms Impresscms 1.0
4.3
CVSSv2
CVE-2008-6360
Cross-site scripting (XSS) vulnerability in the userranks feature in modules/system/admin.php in ImpressCMS 1.0.2 final allows remote malicious users to inject arbitrary web script or HTML via the rank_title parameter. NOTE: some of these details are obtained from third party inf...
Impresscms Impresscms 1.0.2
4.3
CVSSv2
CVE-2018-13983
ImpressCMS 1.3.10 has XSS via the PATH_INFO to htdocs/install/index.php, htdocs/install/page_langselect.php, or htdocs/install/page_modcheck.php.
Impresscms Impresscms 1.3.10
3.5
CVSSv2
CVE-2021-28088
Cross-site scripting (XSS) in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote malicious users to inject arbitrary web script or HTML parameters through the "Display Name" field.
Impresscms Impresscms 1.4.2
4.3
CVSSv2
CVE-2014-4036
Cross-site scripting (XSS) vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote malicious users to inject arbitrary web script or HTML via the query parameter in a listimg action.
Impresscms Impresscms 1.3.6.1
4.3
CVSSv2
CVE-2008-2035
Cross-site scripting (XSS) vulnerability in the Bluemoon, Inc. (1) BackPack 0.91 and previous versions, (2) BmSurvey 0.84 and previous versions, (3) newbb_fileup 1.83 and previous versions, (4) News_embed (news_fileup) 1.44 and previous versions, and (5) PopnupBlog 3.19 and previ...
Xoops Xoops Cube 2.1
Bluemoon Backpack
Bluemoon News Fileup
Bluemoon Popnupblog
Bluemoon Bmsurvey
Bluemoon Newbb Fileup
Xoops Xoops 2.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2