CVE-2014-1836 — ImpressCMS Path Traversal to Arbitrary File Delete

Description

Absolute path traversal vulnerability in `htdocs/libraries/image-editor/image-edit.php` in ImpressCMS before 1.3.6 allows remote attackers to delete arbitrary files via a full pathname in the `image_path` parameter in a cancel action.

How to fix CVE-2014-1836

To remediate CVE-2014-1836, upgrade the affected package to a fixed version below.

Packagist/impresscms/impresscms—upgrade to 1.3.6 or later

Is CVE-2014-1836 being exploited?

Moderate — EPSS is 18.5%. Track this CVE but it's not at the top of the prioritisation list.

Affected packages (1)

from 0, < 1.3.6

References (6)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2014-1836
WEBcommunity.impresscms.org/modules/smartsection/item.php?itemid=675
WEBseclists.org/fulldisclosure/2014/Feb/14
WEBgithub.com/ImpressCMS/impresscms/issues/914