Lucene search
K

6 matches found

CVE
CVE
added 2014/12/30 2:0 a.m.61 views

CVE-2013-3295

Vulnerability overview (CVE-2013-3295) : Exponent CMS prior to 2.2.0 RC1 contains a PHP File Inclusion/Directory Traversal flaw in the install/popup.php script. The vulnerability arises from improper handling of the page parameter, allowing remote unauthenticated attackers to traverse the local f...

7.5CVSS7.1AI score0.01833EPSS
Exploits5References1Affected Software1
securityvulns
securityvulns
added 2013/07/15 12:0 a.m.68 views

Multiple Vulnerabilities in Exponent CMS

Advisory ID: HTB23154 Product: Exponent CMS Vendor: Online Innovative Creations Vulnerable Versions: 2.2.0 beta 3 and probably prior Tested Version: 2.2.0 beta 3 Vendor Notification: April 24, 2013 Vendor Patch: May 3, 2013 Public Disclosure: May 15, 2013 Vulnerability Type: SQL Injection CWE-89,...

7.5CVSS8.1AI score0.02452EPSS
Exploits5
exploitpack
exploitpack
added 2013/05/17 12:0 a.m.60 views

Exponent CMS 2.2.0 Beta 3 - Multiple Vulnerabilities

Exponent CMS 2.2.0 Beta 3 - Multiple Vulnerabilities Advisory ID: HTB23154 Product: Exponent CMS Vendor: Online Innovative Creations Vulnerable Versions: 2.2.0 beta 3 and probably prior Tested Version: 2.2.0 beta 3 Vendor Notification: April 24, 2013 Vendor Patch: May 3, 2013 Public Disclosure: M...

7.5CVSS0.3AI score0.02452EPSS
Exploits5
Exploit DB
Exploit DB
added 2013/05/17 12:0 a.m.71 views

Exponent CMS 2.2.0 Beta 3 - Multiple Vulnerabilities

Advisory ID: HTB23154 Product: Exponent CMS Vendor: Online Innovative Creations Vulnerable Versions: 2.2.0 beta 3 and probably prior Tested Version: 2.2.0 beta 3 Vendor Notification: April 24, 2013 Vendor Patch: May 3, 2013 Public Disclosure: May 15, 2013 Vulnerability Type: SQL Injection CWE-89,...

7.5CVSS6.4AI score0.02452EPSS
Exploits5
0day.today
0day.today
added 2013/05/16 12:0 a.m.87 views

Exponent CMS 2.2.0 Beta 3 LFI / SQL Injection Vulnerabilities

Exponent CMS version 2.2.0 beta 3 suffers from local file inclusion and remote SQL injection vulnerabilities. Product: Exponent CMS Vendor: Online Innovative Creations Vulnerable Versions: 2.2.0 beta 3 and probably prior Tested Version: 2.2.0 beta 3 Vendor Notification: April 24, 2013 Vendor Patc...

7.5CVSS0.1AI score0.02452EPSS
Exploits5
Packet Storm
Packet Storm
added 2013/05/15 12:0 a.m.79 views

Exponent CMS 2.2.0 Beta 3 LFI / SQL Injection

Advisory ID: HTB23154 Product: Exponent CMS Vendor: Online Innovative Creations Vulnerable Versions: 2.2.0 beta 3 and probably prior Tested Version: 2.2.0 beta 3 Vendor Notification: April 24, 2013 Vendor Patch: May 3, 2013 Public Disclosure: May 15, 2013 Vulnerability Type: SQL Injection CWE-89,...

7.5CVSS0.2AI score0.02452EPSS
Exploits5
Rows per page
Query Builder