2 matches found
CVE-2010-5002
Cross-site scripting XSS vulnerability in modules/slideshowmodule/slideshow.js.php in Exponent CMS 0.97.0 allows remote attackers to inject arbitrary web script or HTML via the u parameter...
CVE-2010-5002
CVE-2010-5002: Exponent CMS 0.97.0 is affected by a Cross-Site Scripting (XSS) vulnerability in modules/slideshowmodule/slideshow.js.php, exploitable via the u parameter to inject arbitrary script/HTML. The NVD entry lists a 4.3 base score (Medium) with network access, no confidentiality/availabi...