RCE in Impresspages Impresspages_cms

CVE-2011-4932

Eval injection vulnerability in ip_cms/modules/standard/content_management/actions.php in ImpressPages CMS 1.0.12 and possibly other versons before 1.0.13 allows remote attackers to execute arbitrary code via the cm_group parameter.

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.039 (89.1th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

References