Filtered by vendor Exponentcms
Subscriptions
Filtered by product Exponent Cms
Subscriptions
Total
59 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-18213 | 1 Exponentcms | 1 Exponent Cms | 2024-09-16 | N/A |
| In Exponent CMS before 2.4.1 Patch #6, certain admin users can elevate their privileges. | ||||
| CVE-2010-5002 | 1 Exponentcms | 1 Exponent Cms | 2024-08-07 | N/A |
| Cross-site scripting (XSS) vulnerability in modules/slideshowmodule/slideshow.js.php in Exponent CMS 0.97.0 allows remote attackers to inject arbitrary web script or HTML via the u parameter. | ||||
| CVE-2013-3294 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| Multiple SQL injection vulnerabilities in Exponent CMS before 2.2.0 release candidate 1 allow remote attackers to execute arbitrary SQL commands via the (1) src or (2) username parameter to index.php. | ||||
| CVE-2013-3295 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| Directory traversal vulnerability in install/popup.php in Exponent CMS before 2.2.0 RC1 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the page parameter. | ||||
| CVE-2014-8690 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS before 2.1.4 patch 6, 2.2.x before 2.2.3 patch 9, and 2.3.x before 2.3.1 patch 4 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, the (2) src parameter in a none action to index.php, or the (3) "First Name" or (4) "Last Name" field to users/edituser. | ||||
| CVE-2014-6635 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.0 allows remote attackers to inject arbitrary web script or HTML via the src parameter in the search action to index.php. | ||||
| CVE-2015-8684 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| Exponent CMS before 2.3.7 does not properly restrict the types of files that can be uploaded, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly have other unspecified impact as demonstrated by uploading a file with an .html extension, then accessing it via the elFinder functionality. | ||||
| CVE-2015-8667 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in Reset Your Password module in Exponent CMS before 2.3.5 allows remote attackers to inject arbitrary web script or HTML via the Username/Email. | ||||
| CVE-2015-1177 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.2. | ||||
| CVE-2016-9481 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id input is passed into showComments. The method showComments is defined in the expCommentControllercontroller with the parameter '$this->params['content_id']' used directly in SQL. Impact is a SQL injection. | ||||
| CVE-2016-9288 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the parameter "target" of function "DragnDropReRank" is directly used without any filtration which caused SQL injection. The payload can be used like this: /navigation/DragnDropReRank/target/1. | ||||
| CVE-2016-9284 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| getUsersByJSON in framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via users/getUsersByJSON/sort/ and a trailing string. | ||||
| CVE-2016-9287 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| In /framework/modules/notfound/controllers/notfoundController.php of Exponent CMS 2.4.0 patch1, untrusted input is passed into getSearchResults. The method getSearchResults is defined in the search model with the parameter '$term' used directly in SQL. Impact is a SQL injection. | ||||
| CVE-2016-9286 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0patch1 does not properly restrict access to user records, which allows remote attackers to read address information, as demonstrated by an address/show/id/1 URI. | ||||
| CVE-2016-9285 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| framework/modules/addressbook/controllers/addressController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via a modified id number, as demonstrated by address/edit/id/1, related to an "addresses, countries, and regions" issue. | ||||
| CVE-2016-9282 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| SQL Injection in framework/modules/search/controllers/searchController.php in Exponent CMS v2.4.0 allows remote attackers to read database information via action=search&module=search with the search_string parameter. | ||||
| CVE-2016-9283 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| SQL Injection in framework/core/subsystems/expRouter.php in Exponent CMS v2.4.0 allows remote attackers to read database information via address/addContentToSearch/id/ and a trailing string, related to a "sef URL" issue. | ||||
| CVE-2016-9272 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| A Blind SQL Injection Vulnerability in Exponent CMS through 2.4.0, with the rerank array parameter, can lead to site database information disclosure and denial of service. | ||||
| CVE-2016-9242 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| Multiple SQL injection vulnerabilities in the update method in framework/modules/core/controllers/expRatingController.php in Exponent CMS 2.4.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) content_type or (2) subtype parameter. | ||||
| CVE-2016-9183 | 1 Exponentcms | 1 Exponent Cms | 2024-08-06 | N/A |
| In /framework/modules/ecommerce/controllers/orderController.php of Exponent CMS 2.4.0, untrusted input is passed into selectObjectsBySql. The method selectObjectsBySql of class mysqli_database uses the injectProof method to prevent SQL injection, but this filter can be bypassed easily: it only sanitizes user input if there are odd numbers of ' or " characters. Impact is Information Disclosure. | ||||