High severityNVD Advisory· Published Oct 6, 2012· Updated Apr 29, 2026
CVE-2011-4932
CVE-2011-4932
Description
Eval injection vulnerability in ip_cms/modules/standard/content_management/actions.php in ImpressPages CMS 1.0.12 and possibly other versons before 1.0.13 allows remote attackers to execute arbitrary code via the cm_group parameter.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
impresspages/impresspagesPackagist | < 1.0.13 | 1.0.13 |
Affected products
1- cpe:2.3:a:impresspages:impresspages_cms:1.0.12:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
12- archives.neohapsis.com/archives/bugtraq/2012-01/0029.htmlnvdExploit
- secunia.com/advisories/46193nvdVendor Advisory
- github.com/advisories/GHSA-fr34-mx6j-vpxhghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2011-4932ghsaADVISORY
- seclists.org/bugtraq/2011/Sep/156nvdWEB
- www.openwall.com/lists/oss-security/2012/01/15/9nvdWEB
- www.openwall.com/lists/oss-security/2012/01/18/12nvdWEB
- web.archive.org/web/20120726055617/http://www.securityfocus.com/bid/49798ghsaWEB
- web.archive.org/web/20120726081336/http://www.impresspages.org/news/impresspages-1-0-13-security-releaseghsaWEB
- www.impresspages.org/news/impresspages-1-0-13-security-release/nvd
- www.osvdb.org/75783nvd
- www.securityfocus.com/bid/49798nvd
News mentions
0No linked articles in our index yet.