Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
impresscms impresscms vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2021-26600
ImpressCMS prior to 1.4.3 has plugins/preloads/autologin.php type confusion with resultant Authentication Bypass (!= instead of !==).
Impresscms Impresscms
NA
CVE-2023-37785
A cross-site scripting (XSS) vulnerability in ImpressCMS v1.4.5 and before allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the smile_code parameter of the component /editprofile.php.
Impresscms Impresscms
645
VMScore
CVE-2014-1836
Absolute path traversal vulnerability in htdocs/libraries/image-editor/image-edit.php in ImpressCMS prior to 1.3.6 allows remote malicious users to delete arbitrary files via a full pathname in the image_path parameter in a cancel action.
Impresscms Impresscms
1 EDB exploit
312
VMScore
CVE-2020-17551
ImpressCMS 1.4.0 is affected by XSS in modules/system/admin.php which may result in arbitrary remote code execution.
Impresscms Impresscms 1.4.0
312
VMScore
CVE-2021-28088
Cross-site scripting (XSS) in modules/content/admin/content.php in ImpressCMS profile 1.4.2 allows remote malicious users to inject arbitrary web script or HTML parameters through the "Display Name" field.
Impresscms Impresscms 1.4.2
383
VMScore
CVE-2014-4036
Cross-site scripting (XSS) vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote malicious users to inject arbitrary web script or HTML via the query parameter in a listimg action.
Impresscms Impresscms 1.3.6.1
383
VMScore
CVE-2018-13983
ImpressCMS 1.3.10 has XSS via the PATH_INFO to htdocs/install/index.php, htdocs/install/page_langselect.php, or htdocs/install/page_modcheck.php.
Impresscms Impresscms 1.3.10
890
VMScore
CVE-2008-3453
Multiple unspecified vulnerabilities in ImpressCMS 1.0 have unknown impact and attack vectors, related to modules/admin.php and "a few files."
Impresscms Impresscms 1.0
383
VMScore
CVE-2008-6360
Cross-site scripting (XSS) vulnerability in the userranks feature in modules/system/admin.php in ImpressCMS 1.0.2 final allows remote malicious users to inject arbitrary web script or HTML via the rank_title parameter. NOTE: some of these details are obtained from third party inf...
Impresscms Impresscms 1.0.2
383
VMScore
CVE-2008-2035
Cross-site scripting (XSS) vulnerability in the Bluemoon, Inc. (1) BackPack 0.91 and previous versions, (2) BmSurvey 0.84 and previous versions, (3) newbb_fileup 1.83 and previous versions, (4) News_embed (news_fileup) 1.44 and previous versions, and (5) PopnupBlog 3.19 and previ...
Xoops Xoops Cube 2.1
Bluemoon Backpack
Bluemoon News Fileup
Bluemoon Popnupblog
Bluemoon Bmsurvey
Bluemoon Newbb Fileup
Xoops Xoops 2.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2