Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers to inject arbitrary script or HTML via unspecified vectors.
5.4CVSS
5AI Score
0.001EPSS
Cross-site scripting vulnerability in Exment prior to v3.6.0 allows remote authenticated attackers to inject arbitrary script or HTML via a specially crafted file.
5.4CVSS
5AI Score
0.001EPSS
SQL injection vulnerability in the Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows remote authenticated attackers to execute arbitrary SQL commands.
8.8CVSS
8.7AI Score
0.001EPSS
Reflected cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows a remote authenticated attacker to inject an arbitrary...
5.4CVSS
5.2AI Score
0.001EPSS
Stored cross-site scripting vulnerability in Exment ((PHP8) exceedone/exment v5.0.2 and earlier and exceedone/laravel-admin v3.0.0 and earlier, (PHP7) exceedone/exment v4.4.2 and earlier and exceedone/laravel-admin v2.2.2 and earlier) allows a remote authenticated attacker to inject an arbitrary sc...
5.4CVSS
5.2AI Score
0.001EPSS