exploitDog

CVE-2021-26601

Опубликовано: 28 мар. 2022

Источник: nvd

CVSS3: 8.1

CVSS2: 5.5

EPSS Средний

Описание

ImpressCMS before 1.4.3 allows libraries/image-editor/image-edit.php image_temp Directory Traversal.

Ссылки

http://karmainsecurity.com/KIS-2022-02
Third Party Advisory
http://packetstormsecurity.com/files/166402/ImpressCMS-1.4.2-Path-Traversal.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2022/Mar/44
Exploit
Mailing List
Third Party Advisory
https://hackerone.com/reports/1081878
Exploit
Third Party Advisory
http://karmainsecurity.com/KIS-2022-02
Third Party Advisory
http://packetstormsecurity.com/files/166402/ImpressCMS-1.4.2-Path-Traversal.html
Exploit
Third Party Advisory
VDB Entry
http://seclists.org/fulldisclosure/2022/Mar/44
Exploit
Mailing List
Third Party Advisory
https://hackerone.com/reports/1081878
Exploit
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:impresscms:impresscms:*:*:*:*:*:*:*:*

Версия до 1.4.3 (исключая)

EPSS

Процентиль: 94%

0.11918

Средний

8.1 High

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-22

Связанные уязвимости

GHSA-4q96-9f63-p7jj

CVSS3: 8.1

github

почти 4 года назад

Path Traversal in ImpressCMS

EPSS

Процентиль: 94%

0.11918

Средний

8.1 High

CVSS3

5.5 Medium

CVSS2

Дефекты

CWE-22