CVE-2013-3294

2014-02-11T17:55:00
ID CVE-2013-3294
Type cve
Reporter cve@mitre.org
Modified 2017-08-29T01:33:00

Description

Multiple SQL injection vulnerabilities in Exponent CMS before 2.2.0 release candidate 1 allow remote attackers to execute arbitrary SQL commands via the (1) src or (2) username parameter to index.php.