Vulnerabilities > Impresscms > Impresscms > 1.2.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2010-12-29 | CVE-2010-4616 | Cross-Site Scripting vulnerability in Impresscms Cross-site scripting (XSS) vulnerability in modules/content/admin/content.php in ImpressCMS 1.2.3 Final, and possibly other versions before 1.2.4, allows remote attackers to inject arbitrary web script or HTML via the quicksearch_ContentContent parameter. | 4.3 |
2010-11-17 | CVE-2010-4271 | SQL Injection vulnerability in Impresscms SQL injection vulnerability in ImpressCMS before 1.2.3 RC2 allows remote attackers to execute arbitrary SQL commands via unspecified vectors. | 7.5 |