Total
59 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2016-7781 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in framework/modules/blog/controllers/blogController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the author parameter. | |||||
CVE-2017-7991 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Exponent CMS 2.4.1 and earlier has SQL injection via a base64 serialized API key (apikey parameter) in the api function of framework/modules/eaas/controllers/eaasController.php. | |||||
CVE-2016-7400 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id parameter in a showComments expComment controller action. | |||||
CVE-2016-7789 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the apikey parameter. | |||||
CVE-2016-2242 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 10.0 HIGH | 9.8 CRITICAL |
Exponent CMS 2.x before 2.3.7 Patch 3 allows remote attackers to execute arbitrary code via the sc parameter to install/index.php. | |||||
CVE-2016-9286 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0patch1 does not properly restrict access to user records, which allows remote attackers to read address information, as demonstrated by an address/show/id/1 URI. | |||||
CVE-2017-5879 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL injection that can be exploited by un-authenticated users via an HTTP GET request and which can be used to dump database data out to a malicious server, using an out-of-band technique, such as select_loadfile(). The vulnerability affects source_selector.php and the following parameter: src. | |||||
CVE-2015-8684 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
Exponent CMS before 2.3.7 does not properly restrict the types of files that can be uploaded, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly have other unspecified impact as demonstrated by uploading a file with an .html extension, then accessing it via the elFinder functionality. | |||||
CVE-2016-7788 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in framework/modules/users/models/user.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||
CVE-2016-7780 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in cron/find_help.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. | |||||
CVE-2016-9272 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 6.4 MEDIUM | 9.1 CRITICAL |
A Blind SQL Injection Vulnerability in Exponent CMS through 2.4.0, with the rerank array parameter, can lead to site database information disclosure and denial of service. | |||||
CVE-2016-9481 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id input is passed into showComments. The method showComments is defined in the expCommentControllercontroller with the parameter '$this->params['content_id']' used directly in SQL. Impact is a SQL injection. | |||||
CVE-2016-9087 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in framework/modules/filedownloads/controllers/filedownloadController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the fileid parameter. | |||||
CVE-2016-9288 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the parameter "target" of function "DragnDropReRank" is directly used without any filtration which caused SQL injection. The payload can be used like this: /navigation/DragnDropReRank/target/1. | |||||
CVE-2016-9020 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in framework/modules/help/controllers/helpController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. | |||||
CVE-2016-9019 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in the activate_address function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the is_what parameter. | |||||
CVE-2016-9287 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
In /framework/modules/notfound/controllers/notfoundController.php of Exponent CMS 2.4.0 patch1, untrusted input is passed into getSearchResults. The method getSearchResults is defined in the search model with the parameter '$term' used directly in SQL. Impact is a SQL injection. | |||||
CVE-2016-9284 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 5.0 MEDIUM | 5.3 MEDIUM |
getUsersByJSON in framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via users/getUsersByJSON/sort/ and a trailing string. | |||||
CVE-2016-7782 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 7.5 HIGH | 9.8 CRITICAL |
SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the src parameter. | |||||
CVE-2017-8085 | 1 Exponentcms | 1 Exponent Cms | 2024-02-28 | 4.3 MEDIUM | 6.1 MEDIUM |
In Exponent CMS before 2.4.1 Patch #5, XSS in elFinder is possible in framework/modules/file/connector/elfinder.php. |