888 matches found
Sql injection
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/ecommerce/controllers/cartController.php...
CVE-2016-8900
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to changetags...
CVE-2016-8898
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/ecommerce/controllers/cartController.php...
CVE-2016-8900
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to changetags...
CVE-2016-8898
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/ecommerce/controllers/cartController.php...
CVE-2016-8898
Summary: CVE-2016-8898 affects Exponent CMS 2.3.9, with a SQL injection vulnerability in framework/modules/ecommerce/controllers/cartController.php. The issue is a database-level injection vulnerability in that cart controller path. The NVD entry lists a high/critical impact profile (CVSS v2: HIG...
CVE-2016-8900
Exponent CMS 2.3.9 is affected by an Object Injection vulnerability in framework/modules/core/controllers/expTagController.php (change_tags). The issue is documented across multiple sources (NVD, RH, CVE lists, etc.) under CVE-2016-8900. According to the NVD entry, the vulnerability has a base sc...
CVE-2016-8900
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to changetags...
CVE-2016-8899
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to changecats...
Design/Logic Flaw
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to changecats...
CVE-2016-8897
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php...
Sql injection
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php...
CVE-2016-8897
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php...
CVE-2016-8899
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to changecats...
CVE-2016-8897
CVE-2016-8897 affects Exponent CMS version 2.3.9, with a SQL injection vulnerability in framework/modules/help/controllers/helpController.php. The issue is described across multiple feeds (NVD, RH, OSV, CNVD, CVE lists) as a SQL injection in that PHP file, but the provided documents do not specif...
CVE-2016-8897
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php...
CVE-2016-8899
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to changecats...
CVE-2016-8899
CVE-2016-8899 affects Exponent CMS version 2.3.9 and involves an Object Injection vulnerability in the file framework/modules/core/controllers/expCatController.php, related to change_cats. The available documents identify the affected product and component and confirm the root cause as object inj...
OIC Exponent CMS SQL Injection Vulnerability (CNVD-2019-16532)
OIC Exponent CMS is a free, open source modular content management system CMS based on PHP from OIC, USA. The system supports direct editing in the page and provides user management, site configuration, content editing and other functions. A SQL injection vulnerability exists in the...
Exponent CMS Object Injection Vulnerability
OIC Exponent CMS is a free, open source, modular PHP-based content management system CMS from OIC USA. A security vulnerability exists in the framework/modules/core/controllers/expCatController.php file in Exponent CMS version 2.3.9. No details of the vulnerability are provided at this time...