CVE-2021-26598 Scanner
Detects 'Improper Access Control' vulnerability in ImpressCMS affects v. before 1.4.3.
Short Info
Level
Medium
Single Scan
Single Scan
Can be used by
Asset Owner
Estimated Time
10 second
Time Interval
1 month
Scan only one
Domain, Ipv4
Toolbox
-
ImpressCMS is a popular content management system that allows website owners to easily create and manage their online presence. It is designed to cater to the needs of both novice and advanced users, offering a wide range of features including customizable templates, multiple language support, and modular architecture.
CVE-2021-26598 is a recently discovered vulnerability in ImpressCMS, which allows unauthenticated attackers to gain access to the system through the include/findusers.php file. This means that anyone with a security token can exploit this vulnerability and gain unauthorized access to the system, resulting in compromised website security.
If this vulnerability is exploited, it can lead to a range of malicious activities such as unauthorized content editing, defacing of the website, and theft of sensitive information like usernames and passwords. This can have a significant impact on the online reputation of the website, as well as cause reputational harm to the owner of the website.
Thanks to the pro features of the s4e.io platform, users can easily and quickly learn about vulnerabilities in their digital assets. The platform offers a range of security tools and services to help website owners protect their online security, including vulnerability scanning, malware detection, and real-time threat monitoring. By utilizing these tools, users can stay ahead of potential security threats and ensure their online presence remains secure and protected.
REFERENCES