Impress CMS 1.4.0 Code Execution / SQL Injection
Posted on 10 July 2020
Impress CMS version 1.4.0 has an issue where an authenticated user can make use of the AutoTask feature to execute php code, allowing for remote SQL injection and remote code execution.