Impress CMS 1.4.0 Code Execution / SQL Injection
Posted by deepcore on July 10, 2020 – 11:13 pm
Impress CMS version 1.4.0 has an issue where an authenticated user can make use of the AutoTask feature to execute php code, allowing for remote SQL injection and remote code execution.
Post a reply
You must be logged in to post a comment.