Lucene search
+L

591 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2016-8634

Malware in sbrugna...

9.8CVSS9.5AI score0.02567EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/03 8:7 p.m.11 views

EUVD-2022-28158

Malicious code in bioql PyPI...

7.2CVSS7.1AI score0.02074EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-28157

Malicious code in bioql PyPI...

4.8CVSS5.2AI score0.02936EPSS
Exploits1References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.9 views

EUVD-2022-28159

Malicious code in bioql PyPI...

5.4CVSS5.7AI score0.03033EPSS
Exploits1References3
RedhatCVE
RedhatCVE
added 2025/05/23 1:14 a.m.14 views

CVE-2022-23048

Exponent CMS 2.6.0patch2 allows an authenticated admin user to upload a malicious extension in the format of a ZIP file with a PHP file inside it. After upload it, the PHP file will be placed at "themes/simpletheme/rce.php" from where can be accessed in order to execute commands...

7.2CVSS7AI score0.02074EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:52 p.m.11 views

CVE-2022-23049

Exponent CMS 2.6.0patch2 allows an authenticated user to inject persistent JavaScript code on the "User-Agent" header when logging in. When an administrator user visits the "User Sessions" tab, the JavaScript will be triggered allowing an attacker to compromise the administrator session...

5.4CVSS6.7AI score0.03033EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:37 p.m.8 views

CVE-2021-32441

SQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 2.7.0 allows attackers to gain access to sensitive information via the selectValue function in the expConfig class...

7.5CVSS7.8AI score0.00595EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 11:34 a.m.7 views

CVE-2016-8897

Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php...

9.8CVSS7.2AI score0.01789EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:34 a.m.8 views

CVE-2016-8898

Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/ecommerce/controllers/cartController.php...

9.8CVSS7.2AI score0.01789EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:29 a.m.10 views

CVE-2016-9023

Exponent CMS before 2.6.0 has improper input validation in cron/findhelp.php...

9.8CVSS6.9AI score0.01249EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:20 a.m.5 views

CVE-2016-8900

Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to changetags...

9.8CVSS7.2AI score0.02115EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:19 a.m.5 views

CVE-2016-8899

Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to changecats...

9.8CVSS7.1AI score0.02115EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/21 6:36 p.m.6 views

CVE-2005-3764

The image gallery imagegallery component in Exponent CMS 0.96.3 and later versions does not properly check the MIME type of uploaded files, with unknown impact from the preview icon, possibly involving injection of HTML...

10CVSS7.3AI score0.01375EPSS
Exploits0References1
NVD
NVD
added 2023/02/17 6:15 p.m.27 views

CVE-2021-32441

SQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 2.7.0 allows attackers to gain access to sensitive information via the selectValue function in the expConfig class...

7.5CVSS7.9AI score0.00595EPSS
Exploits0References2
OSV
OSV
added 2023/02/17 6:15 p.m.16 views

CVE-2021-32441

SQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 2.7.0 allows attackers to gain access to sensitive information via the selectValue function in the expConfig class...

7.5CVSS7.9AI score
Exploits0References2
Prion
Prion
added 2023/02/17 6:15 p.m.12 views

Sql injection

SQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 2.7.0 allows attackers to gain access to sensitive information via the selectValue function in the expConfig class...

5CVSS7.9AI score0.00595EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2023/02/17 12:0 a.m.51 views

CVE-2021-32441

The CVE-2021-32441 issue affects Exponent-CMS, specifically the expConfig.selectValue path in version 2.6.0. The vulnerability is a SQL Injection that can lead to disclosure of sensitive information. The public records consistently identify the fix as upgrading to version 2.7.0. There is no expli...

7.5CVSS7.9AI score0.00595EPSS
Exploits0References2Affected Software1
CNNVD
CNNVD
added 2023/02/17 12:0 a.m.3 views

OIC Exponent CMS SQL注入漏洞

OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from OIC, USA. The system supports direct editing in pages and provides user management, site configuration, content editing and other functions. An SQL injection vulnerability exists in OIC Exponent CMS...

7.5CVSS7.4AI score0.00595EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2023/02/17 12:0 a.m.12 views

CVE-2021-32441

SQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 2.7.0 allows attackers to gain access to sensitive information via the selectValue function in the expConfig class...

7.8AI score0.00595EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/02/17 12:0 a.m.24 views

CVE-2021-32441

SQL Injection vulnerability in Exponent-CMS v.2.6.0 fixed in 2.7.0 allows attackers to gain access to sensitive information via the selectValue function in the expConfig class...

8.1AI score0.00595EPSS
Exploits0References2
Rows per page
Query Builder