17 matches found
ExponentCMS <= 2.6 - Host Header Injection
An HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponentconstants.php. A modified HTTP header can change links on the webpage to an arbitrary value,leading to a possible attack vector for MITM. id: CVE-2021-38751 info: name: ExponentCMS = 2.6 - Host Header Injection author:...
CVE-2021-38751
A HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponentconstants.php. A modified HTTP header can change links on the webpage to an arbitrary value, leading to a possible attack vector for MITM...
ExponentCMS has an unspecified vulnerability
ExponentCMS is an open source web content management system that allows website owners to easily create and manage dynamic websites without having to directly code web pages or manage site navigation.ExponentCMS 2.6 and earlier versions have a security vulnerability that stems from a modified HTT...
CVE-2021-38751
A HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponentconstants.php. A modified HTTP header can change links on the webpage to an arbitrary value, leading to a possible attack vector for MITM...
CVE-2021-38751
A HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponentconstants.php. A modified HTTP header can change links on the webpage to an arbitrary value, leading to a possible attack vector for MITM...
Hardcoded credentials
A HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponentconstants.php. A modified HTTP header can change links on the webpage to an arbitrary value, leading to a possible attack vector for MITM...
CVE-2021-38751
CVE-2021-38751 describes a host header injection in ExponentCMS 2.6 and earlier, exploitable via the file /exponent_constants.php. A crafted HTTP Host header can cause links on the page to be rewritten to arbitrary values, creating a potential MITM attack vector. The publicly referenced sources (...
CVE-2021-38751
A HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponentconstants.php. A modified HTTP header can change links on the webpage to an arbitrary value, leading to a possible attack vector for MITM...
ExponentCMS安全漏洞
ExponentCMS is an open source web content management system that allows website owners to easily create and manage dynamic websites without having to directly code web pages or manage site navigation.ExponentCMS 2.6 and earlier versions have a security vulnerability that stems from a modified HTT...
exponentcms 2.0.5 - Multiple Vulnerabilities
No description provided by source...
exponentcms 2.0.5 - Multiple Vulnerabilities
exponentcms 2.0.5 - Multiple Vulnerabilities Information -------------------- Name : XSS and Blind SQL Injection Vulnerabilities in ExponentCMS Software : ExponentCMS 2.0.5 and possibly below. Vendor Homepage : http://www.exponentcms.org Vulnerability Type : Cross-Site Scripting and SQL Injection...
XSS and Blind SQL Injection Vulnerabilities in ExponentCMS
Information -------------------- Name : XSS and Blind SQL Injection Vulnerabilities in ExponentCMS Software : ExponentCMS 2.0.5 and possibly below. Vendor Homepage : http://www.exponentcms.org Vulnerability Type : Cross-Site Scripting and SQL Injection Severity : Critical Researcher : Onur Y?lmaz...
ExponentCMS 2.0.5 Multiple Vulnerabilities
Exploit for php platform in category web applications Information -------------------- Name : XSS and Blind SQL Injection Vulnerabilities in ExponentCMS Software : ExponentCMS 2.0.5 and possibly below. Vendor Homepage : http://www.exponentcms.org Vulnerability Type : Cross-Site Scripting and SQL...
ExponentCMS 2.0.5 Cross Site Scripting / SQL Injection
Exploit for php platform in category web applications Information -------------------- Name : XSS and Blind SQL Injection Vulnerabilities in ExponentCMS Software : ExponentCMS 2.0.5 and possibly below. Vendor Homepage : http://www.exponentcms.org Vulnerability Type : Cross-Site Scripting and SQL...
ExponentCMS 2.0.5 Cross Site Scripting / SQL Injection
Information -------------------- Name : XSS and Blind SQL Injection Vulnerabilities in ExponentCMS Software : ExponentCMS 2.0.5 and possibly below. Vendor Homepage : http://www.exponentcms.org Vulnerability Type : Cross-Site Scripting and SQL Injection Severity : Critical Researcher : Onur Yılmaz...
exponentcms 2.0.5 - Multiple Vulnerabilities
Information -------------------- Name : XSS and Blind SQL Injection Vulnerabilities in ExponentCMS Software : ExponentCMS 2.0.5 and possibly below. Vendor Homepage : http://www.exponentcms.org Vulnerability Type : Cross-Site Scripting and SQL Injection Severity : Critical Researcher : Onur Yılmaz...
exponentCMS.txt
A number of security issues have been discovered in ExponentCMS ------------------------------------------------------------------------ --------------------- Exponent is a fully-featured, modern CMS written in PHP, that enables non-technical people to manage and update their websites with minima...