CVE-2016-7789

Exponent CMS 2.3.9 and earlier is affected by a SQL injection in framework/core/models/expConfig.php, exploitable via the apikey parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands; the NVD entry labels it high/critical with network access and no authentication ...

Exponent CMS 2.3.9 SQL Injection Vulnerability

Exploit for php platform in category web applications Exponent CMS 2.3.9 SQL Injection Vulnerability Disclose 10 cve in Exponent CMS CVE-2016-7780 In the line 42 of cron/findhelp.php , $GET'version' can be controlled and injected. It is possible to time-based blind SQL Inject by the param of...