CVE-2016-9019

SQL injection vulnerability in the activateaddress function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the iswhat parameter...

CVE-2016-9019

SQL injection vulnerability in the activateaddress function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the iswhat parameter...

CVE-2016-9019

CVE-2016-9019 describes a SQL injection in Exponent CMS up to version 2.3.9 in the activate_address function (framework/modules/addressbook/controllers/addressController.php) where the is_what parameter can be manipulated to execute arbitrary SQL. Public sources in the connected documents confirm...

CVE-2016-9019

SQL injection vulnerability in the activateaddress function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the iswhat parameter...

Exponent CMS 2.3.9 SQL Injection Vulnerability

Exploit for php platform in category web applications Exponent CMS 2.3.9 SQL Injection Vulnerability Disclose 10 cve in Exponent CMS CVE-2016-7780 In the line 42 of cron/findhelp.php , $GET'version' can be controlled and injected. It is possible to time-based blind SQL Inject by the param of...