Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
SQL Injection in ImpressCMS 1.4.3 and earlier allows remote attackers to inject into the code in unintended way, this allows an attacker to read and modify the sensitive information from the database used by the application. If misconfigured, an attacker can even upload a malicious web shell to compromise the entire system.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
ImpressCMS SQL注入漏洞
Vulnerability Description
ImpressCMS是一套基于MySQL的、模块化的内容管理系统(CMS)。该系统包括新闻发布、论坛和相册等模块。 ImpressCMS 1.4.3版本及之前版本存在SQL注入漏洞,该漏洞源于远程攻击者以非故意的方式注入代码。攻击者利用该漏洞从应用程序使用的数据库中读取和修改敏感信息。如果配置不当,攻击者甚至可以上传恶意的web shell来危害整个系统。
CVSS Information
N/A
Vulnerability Type
N/A