Exponentcms Exponent Cms vulnerabilities
60 known vulnerabilities affecting exponentcms/exponent_cms.
Total CVEs
60
CISA KEV
0
Public exploits
5
Exploited in wild
0
Severity breakdown
CRITICAL33HIGH14MEDIUM13
Vulnerabilities
Page 2 of 3
CVE-2017-5879P3CRITICALCVSS 9.8v2.4.12017-02-06
CVE-2017-5879 [CRITICAL] CWE-89 CVE-2017-5879: An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL injection that can be exploited b
An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL injection that can be exploited by un-authenticated users via an HTTP GET request and which can be used to dump database data out to a malicious server, using an out-of-band technique, such as select_loadfile(). The vulnerability affects source_selector.php and the following parameter
nvd
CVE-2016-8898P3CRITICALCVSS 9.8v2.3.92019-05-24
CVE-2016-8898 [CRITICAL] CWE-89 CVE-2016-8898: Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/ecommerce
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/ecommerce/controllers/cartController.php.
nvd
CVE-2016-9481P3CRITICALCVSS 9.8v2.4.02016-11-29
CVE-2016-9481 [CRITICAL] CWE-89 CVE-2016-9481: In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id inp
In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id input is passed into showComments. The method showComments is defined in the expCommentControllercontroller with the parameter '$this->params['content_id']' used directly in SQL. Impact is a SQL injection.
nvd
CVE-2016-7453P3CRITICALCVSS 9.8≤ 2.3.92016-11-03
CVE-2016-7453 [CRITICAL] CWE-89 CVE-2016-7453: The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection.
nvd
CVE-2016-8900P3CRITICALCVSS 9.8v2.3.92019-05-24
CVE-2016-8900 [CRITICAL] CWE-74 CVE-2016-8900: Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/c
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to change_tags.
nvd
CVE-2016-8899P3CRITICALCVSS 9.8v2.3.92019-05-23
CVE-2016-8899 [CRITICAL] CWE-74 CVE-2016-8899: Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/c
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to change_cats.
nvd
CVE-2016-8897P3CRITICALCVSS 9.8v2.3.92019-05-23
CVE-2016-8897 [CRITICAL] CWE-89 CVE-2016-8897: Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/cont
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php.
nvd
CVE-2016-7443P3CRITICALCVSS 9.8≥ 2.3.0, ≤ 2.3.92018-03-07
CVE-2016-7443 [CRITICAL] CWE-434 CVE-2016-7443: Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors rela
Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location."
nvd
CVE-2016-9287P3CRITICALCVSS 9.8v2.4.02016-11-15
CVE-2016-9287 [CRITICAL] CWE-89 CVE-2016-9287: In /framework/modules/notfound/controllers/notfoundController.php of Exponent CMS 2.4.0 patch1, untr
In /framework/modules/notfound/controllers/notfoundController.php of Exponent CMS 2.4.0 patch1, untrusted input is passed into getSearchResults. The method getSearchResults is defined in the search model with the parameter '$term' used directly in SQL. Impact is a SQL injection.
nvd
CVE-2016-9288P3CRITICALCVSS 9.8≤ 2.4.02016-11-11
CVE-2016-9288 [CRITICAL] CWE-89 CVE-2016-9288: In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older
In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the parameter "target" of function "DragnDropReRank" is directly used without any filtration which caused SQL injection. The payload can be used like this: /navigation/DragnDropReRank/target/1.
nvd
CVE-2016-9272P3CRITICALCVSS 9.1≤ 2.4.02016-11-11
CVE-2016-9272 [CRITICAL] CWE-89 CVE-2016-9272: A Blind SQL Injection Vulnerability in Exponent CMS through 2.4.0, with the rerank array parameter,
A Blind SQL Injection Vulnerability in Exponent CMS through 2.4.0, with the rerank array parameter, can lead to site database information disclosure and denial of service.
nvd
CVE-2016-9021P3CRITICALCVSS 9.8fixed in 2.6.02020-12-31
CVE-2016-9021 [CRITICAL] CWE-20 CVE-2016-9021: Exponent CMS before 2.6.0 has improper input validation in storeController.php.
Exponent CMS before 2.6.0 has improper input validation in storeController.php.
nvd
CVE-2016-9026P3CRITICALCVSS 9.8fixed in 2.6.02020-12-31
CVE-2016-9026 [CRITICAL] CWE-20 CVE-2016-9026: Exponent CMS before 2.6.0 has improper input validation in fileController.php.
Exponent CMS before 2.6.0 has improper input validation in fileController.php.
nvd
CVE-2016-9022P3CRITICALCVSS 9.8fixed in 2.6.02020-12-31
CVE-2016-9022 [CRITICAL] CWE-20 CVE-2016-9022: Exponent CMS before 2.6.0 has improper input validation in usersController.php.
Exponent CMS before 2.6.0 has improper input validation in usersController.php.
nvd
CVE-2016-9025P3CRITICALCVSS 9.8fixed in 2.6.02020-12-31
CVE-2016-9025 [CRITICAL] CWE-20 CVE-2016-9025: Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php.
Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php.
nvd
CVE-2016-9023P3CRITICALCVSS 9.8fixed in 2.6.02020-12-31
CVE-2016-9023 [CRITICAL] CWE-20 CVE-2016-9023: Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php.
Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php.
nvd
CVE-2016-9282P3HIGHCVSS 7.5v2.4.02016-11-11
CVE-2016-9282 [HIGH] CWE-89 CVE-2016-9282: SQL Injection in framework/modules/search/controllers/searchController.php in Exponent CMS v2.4.0 al
SQL Injection in framework/modules/search/controllers/searchController.php in Exponent CMS v2.4.0 allows remote attackers to read database information via action=search&module=search with the search_string parameter.
nvd
CVE-2016-9283P3HIGHCVSS 7.5v2.4.02016-11-11
CVE-2016-9283 [HIGH] CWE-89 CVE-2016-9283: SQL Injection in framework/core/subsystems/expRouter.php in Exponent CMS v2.4.0 allows remote attack
SQL Injection in framework/core/subsystems/expRouter.php in Exponent CMS v2.4.0 allows remote attackers to read database information via address/addContentToSearch/id/ and a trailing string, related to a "sef URL" issue.
nvd
CVE-2016-9134P3HIGHCVSS 7.5v2.3.92016-11-03
CVE-2016-9134 [HIGH] CWE-89 CVE-2016-9134: Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/expPaginator.php" affecting the o
Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/expPaginator.php" affecting the order parameter. Impact is Information Disclosure.
nvd
CVE-2016-9135P3HIGHCVSS 7.5v2.3.92016-11-03
CVE-2016-9135 [HIGH] CWE-89 CVE-2016-9135: Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/framework/modules/help/controller
Exponent CMS 2.3.9 suffers from a SQL injection vulnerability in "/framework/modules/help/controllers/helpController.php" affecting the version parameter. Impact is Information Disclosure.
nvd