Impresscms : Security Vulnerabilities, CVEs, Published In 2009
Cross-site scripting (XSS) vulnerability in the userranks feature in modules/system/admin.php in ImpressCMS 1.0.2 final allows remote attackers to inject arbitrary web script or HTML via the rank_title parameter. NOTE: some of these details are obtained from third party information.
Max CVSS
4.3
EPSS Score
0.22%
Published
2009-03-02
Updated
2017-08-17
Session fixation vulnerability in Social ImpressCMS before 1.1.1 RC1 allows remote attackers to hijack web sessions by setting the PHPSESSID parameter.
Max CVSS
6.8
EPSS Score
1.55%
Published
2009-01-23
Updated
2018-10-11
2 vulnerabilities found