Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
ImpressCMS before 1.4.2 allows unauthenticated remote code execution via ...../// directory traversal in origName or imageName, leading to unsafe interaction with the CKEditor processImage.php script. The payload may be placed in PHP_SESSION_UPLOAD_PROGRESS when the PHP installation supports upload_progress.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ImpressCMS 安全漏洞
Vulnerability Description
ImpressCMS是一套基于MySQL的、模块化的内容管理系统(CMS)。该系统包括新闻发布、论坛和相册等模块。 ImpressCMS 存在安全漏洞,该漏洞源于1.4.2之前的impress scms允许通过执行未经身份验证的远程代码在origName或imageName目录遍历,导致与CKEditor processImage.php脚本的不安全交互。
CVSS Information
N/A
Vulnerability Type
N/A