Filtered by vendor Exponentcms
Subscribe
Total
60 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2016-9183 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| In /framework/modules/ecommerce/controllers/orderController.php of Exponent CMS 2.4.0, untrusted input is passed into selectObjectsBySql. The method selectObjectsBySql of class mysqli_database uses the injectProof method to prevent SQL injection, but this filter can be bypassed easily: it only sanitizes user input if there are odd numbers of ' or " characters. Impact is Information Disclosure. | |||||
| CVE-2016-9182 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Exponent CMS 2.4 uses PHP reflection to call a method of a controller class, and then uses the method name to check user permission. But, the method name in PHP reflection is case insensitive, and Exponent CMS permits undefined actions to execute by default, so an attacker can use a capitalized method name to bypass the permission check, e.g., controller=expHTMLEditor&action=preview&editor=ckeditor and controller=expHTMLEditor&action=Preview&editor=ckeditor. An anonymous user will be rejected for the former but can access the latter. | |||||
| CVE-2016-9135 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/framework/modules/help/controllers/helpController.php" affecting the version parameter. Impact is Information Disclosure. | |||||
| CVE-2016-9134 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 5.0 MEDIUM | 7.5 HIGH |
| Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/expPaginator.php" affecting the order parameter. Impact is Information Disclosure. | |||||
| CVE-2016-9087 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in framework/modules/filedownloads/controllers/filedownloadController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the fileid parameter. | |||||
| CVE-2016-9026 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS before 2.6.0 has improper input validation in fileController.php. | |||||
| CVE-2016-9025 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php. | |||||
| CVE-2016-9023 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php. | |||||
| CVE-2016-9022 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS before 2.6.0 has improper input validation in usersController.php. | |||||
| CVE-2016-9021 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS before 2.6.0 has improper input validation in storeController.php. | |||||
| CVE-2016-9020 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in framework/modules/help/controllers/helpController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. | |||||
| CVE-2016-9019 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in the activate_address function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the is_what parameter. | |||||
| CVE-2016-8900 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to change_tags. | |||||
| CVE-2016-8899 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to change_cats. | |||||
| CVE-2016-8898 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/ecommerce/controllers/cartController.php. | |||||
| CVE-2016-8897 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php. | |||||
| CVE-2016-7791 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload an evil 'exploit.tar.gz' file to the website, then extract it by visiting '/install/index.php?install_sample=../../files/exploit', which leads to arbitrary code execution. | |||||
| CVE-2016-7790 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload 'php' file to the website through uploader_paste.php, then overwrite /framework/conf/config.php, which leads to arbitrary code execution. | |||||
| CVE-2016-7789 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the apikey parameter. | |||||
| CVE-2016-7788 | 1 Exponentcms | 1 Exponent Cms | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| SQL injection vulnerability in framework/modules/users/models/user.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | |||||