Vulnerabilities > CVE-2023-33604 - Unspecified vulnerability in Imperial CMS Project Imperial CMS 7.5

047910
CVSS 9.1 - CRITICAL
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
NONE
Integrity impact
HIGH
Availability impact
HIGH
network
low complexity
imperial-cms-project
critical
NVD
Published: 2023-06-07
Updated: 2023-06-13

Summary

Imperial CMS v7.5 was discovered to contain an arbitrary file deletion vulnerability via the DelspReFile function in /sp/ListSp.php. This vulnerability is exploited by attackers via a crafted POST request.

Vulnerable Configurations

Part Description Count
Application
Imperial_Cms_Project
1

References