Total
59 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2021-32441 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | N/A | 7.5 HIGH |
SQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 2.7.0 allows attackers to gain access to sensitive information via the selectValue function in the expConfig class. | |||||
CVE-2022-23047 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 3.5 LOW | 4.8 MEDIUM |
Exponent CMS 2.6.0patch2 allows an authenticated admin user to inject persistent JavaScript code inside the "Site/Organization Name","Site Title" and "Site Header" parameters while updating the site settings on "/exponentcms/administration/configure_site" | |||||
CVE-2022-23048 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
Exponent CMS 2.6.0patch2 allows an authenticated admin user to upload a malicious extension in the format of a ZIP file with a PHP file inside it. After upload it, the PHP file will be placed at "themes/simpletheme/{rce}.php" from where can be accessed in order to execute commands. | |||||
CVE-2022-23049 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 3.5 LOW | 5.4 MEDIUM |
Exponent CMS 2.6.0patch2 allows an authenticated user to inject persistent JavaScript code on the "User-Agent" header when logging in. When an administrator user visits the "User Sessions" tab, the JavaScript will be triggered allowing an attacker to compromise the administrator session. | |||||
CVE-2016-9025 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php. | |||||
CVE-2016-9021 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Exponent CMS before 2.6.0 has improper input validation in storeController.php. | |||||
CVE-2016-9022 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Exponent CMS before 2.6.0 has improper input validation in usersController.php. | |||||
CVE-2016-9023 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php. | |||||
CVE-2016-9026 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Exponent CMS before 2.6.0 has improper input validation in fileController.php. | |||||
CVE-2016-8900 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to change_tags. | |||||
CVE-2016-8898 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/ecommerce/controllers/cartController.php. | |||||
CVE-2016-8899 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to change_cats. | |||||
CVE-2016-8897 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php. | |||||
CVE-2016-7443 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location." | |||||
CVE-2017-18213 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 6.5 MEDIUM | 7.2 HIGH |
In Exponent CMS before 2.4.1 Patch #6, certain admin users can elevate their privileges. | |||||
CVE-2015-1177 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 4.3 MEDIUM | 6.1 MEDIUM |
Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.2. | |||||
CVE-2017-5879 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL injection that can be exploited by un-authenticated users via an HTTP GET request and which can be used to dump database data out to a malicious server, using an out-of-band technique, such as select_loadfile(). The vulnerability affects source_selector.php and the following parameter: src. | |||||
CVE-2016-7400 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id parameter in a showComments expComment controller action. | |||||
CVE-2016-9286 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 5.0 MEDIUM | 5.3 MEDIUM |
framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0patch1 does not properly restrict access to user records, which allows remote attackers to read address information, as demonstrated by an address/show/id/1 URI. | |||||
CVE-2016-9287 | 1 Exponentcms | 1 Exponent Cms | 2023-12-10 | 7.5 HIGH | 9.8 CRITICAL |
In /framework/modules/notfound/controllers/notfoundController.php of Exponent CMS 2.4.0 patch1, untrusted input is passed into getSearchResults. The method getSearchResults is defined in the search model with the parameter '$term' used directly in SQL. Impact is a SQL injection. |