ImpressPages CMS 'actions.php' Remote Code Execution Vulnerability Network Vulnerability

Summary

ImpressPages CMS is prone to a remote-code execution vulnerability. Exploiting this issue will allow attackers to execute arbitrary code within the context of the affected application. ImpressPages CMS 1.0.12 is vulnerable other versions may also be affected.

Solution

Vendor updates are available. Please see the references for more information.

References

http://www.impresspages.org/
http://www.impresspages.org/news/impresspages-1-0-13-security-release/
http://www.securityfocus.com/archive/1/521118
http://www.securityfocus.com/bid/49798

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ATutor password reminder SQL injection
'research_display.php' SQL Injection Vulnerability
ApPHP MicroBlog Remote Code Execution Vulnerability
ALCASAR Remote Code Execution Vulnerability
AjaxPortal 'di.php' File Inclusion Vulnerability

Take action and discover your vulnerabilities