Skip to content

CVE-2014-4036

Cross-site scripting (XSS) vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action.

View on NVD

Severity

N/A

EPSS

Probability of exploitation (next 30 days): 0.0022 (0.2%)
Percentile: 45.1%
EPSS: 2026-05-06

Affects

impresscms:impresscms

Technical description

Cross-site scripting (XSS) vulnerability in modules/system/admin.php in ImpressCMS 1.3.6.1 allows remote attackers to inject arbitrary web script or HTML via the query parameter in a listimg action.

Published: 6/11/2014, 2:55:10 PM
Last modified: 5/6/2026, 10:30:45 PM

References

HomeEventsBlogResourcesTeam