CVE-2016-7782

2017-03-07T16:59:00
ID CVE-2016-7782
Type cve
Reporter cve@mitre.org
Modified 2017-03-31T01:59:00

Description

SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the src parameter.