Lucene search
HistoryFeb 11, 2014 - 5:55 p.m.
CVE-2013-3294
exponent cms
sql injection
vulnerability
nvd
cve-2013-3294
8.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
50.4%
Multiple SQL injection vulnerabilities in Exponent CMS before 2.2.0 release candidate 1 allow remote attackers to execute arbitrary SQL commands via the (1) src or (2) username parameter to index.php.
Affected configurations
Node
exponentcmsexponent_cmsRange≤2.2.0
ORexponentcmsexponent_cmsMatch0.97.0
ORexponentcmsexponent_cmsMatch0.98.0
ORexponentcmsexponent_cmsMatch0.99.0beta1
ORexponentcmsexponent_cmsMatch2.0.0
ORexponentcmsexponent_cmsMatch2.0.1
ORexponentcmsexponent_cmsMatch2.0.2
ORexponentcmsexponent_cmsMatch2.0.3
ORexponentcmsexponent_cmsMatch2.0.4
ORexponentcmsexponent_cmsMatch2.0.5
ORexponentcmsexponent_cmsMatch2.0.6
ORexponentcmsexponent_cmsMatch2.0.7
ORexponentcmsexponent_cmsMatch2.0.8
ORexponentcmsexponent_cmsMatch2.0.9
ORexponentcmsexponent_cmsMatch2.1.0
ORexponentcmsexponent_cmsMatch2.1.1
ORexponentcmsexponent_cmsMatch2.1.2
ORexponentcmsexponent_cmsMatch2.1.3
ORexponentcmsexponent_cmsMatch2.1.4
Related
nvd
nvd
CVE-2013-3294
2014-02-11 17:55:06
prion
prion
Sql injection
2014-02-11 17:55:00
cvelist
cvelist
CVE-2013-3294
2014-02-11 17:00:00
securityvulns
securityvulns
Multiple Vulnerabilities in Exponent CMS
2013-07-15 00:00:00
zdt
zdt
Exponent CMS 2.2.0 Beta 3 LFI / SQL Injection Vulnerabilities
2013-05-16 00:00:00
exploitpack
exploitpack
Exponent CMS 2.2.0 Beta 3 - Multiple Vulnerabilities
2013-05-17 00:00:00
openvas
openvas
Exponent CMS Multiple Vulnerabilities
2013-05-23 00:00:00
packetstorm
packetstorm
Exponent CMS 2.2.0 Beta 3 LFI / SQL Injection
2013-05-15 00:00:00
htbridge
htbridge
Multiple Vulnerabilities in Exponent CMS
2013-04-24 00:00:00
exploitdb
exploitdb
Exponent CMS 2.2.0 Beta 3 - Multiple Vulnerabilities
2013-05-17 00:00:00
8.5 High
AI Score
Confidence
Low
7.5 High
CVSS2
Access Vector
Access Complexity
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
0.001 Low
EPSS
Percentile
50.4%
Related for CVE-2013-3294