CVE-2016-9283

2016-11-11T22:59:00
ID CVE-2016-9283
Type cve
Reporter cve@mitre.org
Modified 2017-07-28T01:29:00

Description

SQL Injection in framework/core/subsystems/expRouter.php in Exponent CMS v2.4.0 allows remote attackers to read database information via address/addContentToSearch/id/ and a trailing string, related to a "sef URL" issue.