Lucene search
K

The vulnerability of the ExponentCMS content management system lies in the lack of mechanisms for encoding or shielding output data, allowing attackers to compromise the integrity of the protected information.

🗓️ 10 Sep 2021 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType 
bdu_fstec
 bdu_fstec
🔗 bdu.fstec.ru👁 3 Views

ExponentCMS lacks output encoding and shielding, enabling HTTP header changes that harm integrity.

Related
Refs
ReporterTitlePublishedViews
Family
ATTACKERKB
CVE-2021-38751
16 Aug 202114:15
attackerkb
Circl
CVE-2021-38751
16 Aug 202118:15
circl
CNNVD
ExponentCMS安全漏洞
16 Aug 202100:00
cnnvd
CNVD
ExponentCMS has an unspecified vulnerability
18 Aug 202100:00
cnvd
CVE
CVE-2021-38751
16 Aug 202113:53
cve
Cvelist
CVE-2021-38751
16 Aug 202113:53
cvelist
Nuclei
ExponentCMS <= 2.6 - Host Header Injection
4 Jul 202603:00
nuclei
NVD
CVE-2021-38751
16 Aug 202114:15
nvd
Prion
Hardcoded credentials
16 Aug 202114:15
prion
RedhatCVE
CVE-2021-38751
22 May 202520:10
redhatcve
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

10 Sep 2021 00:00Current
5.5Medium risk
Vulners AI Score5.5
CVSS 24.3
CVSS 34.3
EPSS0.02468
3