Filtered by vendor Exponentcms
Subscriptions
Filtered by product Exponent Cms
Subscriptions
Total
59 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2016-7452 | 1 Exponentcms | 1 Exponent Cms | 2018-02-27 | N/A |
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal. | ||||
CVE-2016-7400 | 1 Exponentcms | 1 Exponent Cms | 2018-02-27 | N/A |
Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id parameter in a showComments expComment controller action. | ||||
CVE-2016-7095 | 1 Exponentcms | 1 Exponent Cms | 2018-02-27 | N/A |
Exponent CMS before 2.3.9 is vulnerable to an attacker uploading a malicious script file using redirection to place the script in an unprotected folder, one allowing script execution. | ||||
CVE-2014-8690 | 1 Exponentcms | 1 Exponent Cms | 2017-09-08 | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS before 2.1.4 patch 6, 2.2.x before 2.2.3 patch 9, and 2.3.x before 2.3.1 patch 4 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, the (2) src parameter in a none action to index.php, or the (3) "First Name" or (4) "Last Name" field to users/edituser. | ||||
CVE-2014-6635 | 1 Exponentcms | 1 Exponent Cms | 2017-09-08 | N/A |
Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the src parameter in the search action to index.php. | ||||
CVE-2013-3294 | 1 Exponentcms | 1 Exponent Cms | 2017-08-29 | N/A |
Multiple SQL injection vulnerabilities in Exponent CMS before 2.2.0 release candidate 1 allow remote attackers to execute arbitrary SQL commands via the (1) src or (2) username parameter to index.php. | ||||
CVE-2016-9481 | 1 Exponentcms | 1 Exponent Cms | 2017-07-28 | N/A |
In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id input is passed into showComments. The method showComments is defined in the expCommentControllercontroller with the parameter '$this->params['content_id']' used directly in SQL. Impact is a SQL injection. | ||||
CVE-2016-9288 | 1 Exponentcms | 1 Exponent Cms | 2017-07-28 | N/A |
In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the parameter "target" of function "DragnDropReRank" is directly used without any filtration which caused SQL injection. The payload can be used like this: /navigation/DragnDropReRank/target/1. | ||||
CVE-2016-9286 | 1 Exponentcms | 1 Exponent Cms | 2017-07-28 | N/A |
framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0patch1 does not properly restrict access to user records, which allows remote attackers to read address information, as demonstrated by an address/show/id/1 URI. | ||||
CVE-2016-9285 | 1 Exponentcms | 1 Exponent Cms | 2017-07-28 | N/A |
framework/modules/addressbook/controllers/addressController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via a modified id number, as demonstrated by address/edit/id/1, related to an "addresses, countries, and regions" issue. | ||||
CVE-2016-9284 | 1 Exponentcms | 1 Exponent Cms | 2017-07-28 | N/A |
getUsersByJSON in framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via users/getUsersByJSON/sort/ and a trailing string. | ||||
CVE-2016-9283 | 1 Exponentcms | 1 Exponent Cms | 2017-07-28 | N/A |
SQL Injection in framework/core/subsystems/expRouter.php in Exponent CMS v2.4.0 allows remote attackers to read database information via address/addContentToSearch/id/ and a trailing string, related to a "sef URL" issue. | ||||
CVE-2016-9282 | 1 Exponentcms | 1 Exponent Cms | 2017-07-28 | N/A |
SQL Injection in framework/modules/search/controllers/searchController.php in Exponent CMS v2.4.0 allows remote attackers to read database information via action=search&module=search with the search_string parameter. | ||||
CVE-2016-7784 | 1 Exponentcms | 1 Exponent Cms | 2017-07-28 | N/A |
SQL injection vulnerability in the getSection function in framework/core/subsystems/expRouter.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter. | ||||
CVE-2017-8085 | 1 Exponentcms | 1 Exponent Cms | 2017-04-29 | N/A |
In Exponent CMS before 2.4.1 Patch #5, XSS in elFinder is possible in framework/modules/file/connector/elfinder.php. | ||||
CVE-2016-9087 | 1 Exponentcms | 1 Exponent Cms | 2017-04-04 | N/A |
SQL injection vulnerability in framework/modules/filedownloads/controllers/filedownloadController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the fileid parameter. | ||||
CVE-2016-9020 | 1 Exponentcms | 1 Exponent Cms | 2017-04-04 | N/A |
SQL injection vulnerability in framework/modules/help/controllers/helpController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. | ||||
CVE-2016-9019 | 1 Exponentcms | 1 Exponent Cms | 2017-04-01 | N/A |
SQL injection vulnerability in the activate_address function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the is_what parameter. | ||||
CVE-2016-7789 | 1 Exponentcms | 1 Exponent Cms | 2017-04-01 | N/A |
SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the apikey parameter. | ||||
CVE-2016-7788 | 1 Exponentcms | 1 Exponent Cms | 2017-04-01 | N/A |
SQL injection vulnerability in framework/modules/users/models/user.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. |