Home > Access Bypass, Content Management > ImpressCMS “image_path” Arbitrary File Deletion

ImpressCMS “image_path” Arbitrary File Deletion

February 28th, 2014

Application: ImpressCMS
Affected Version: versions 1.3.5, 1.3.6, and 1.3.6.1 and other versions.
Vendor’s URL: ImpressCMS
Bug Type: File Deletion
Risk Level: Critical

Solution:
The vendor has released a fix in version 1.3.6, however, the fix is only partially effective. No official solution is currently available.

Access Bypass, Content Management

Comments are closed.