Lucene search
K
ExponentcmsExponent Cms

59 matches found

CVE
CVE
added 2022/02/09 10:3 p.m.131 views

CVE-2022-23048

CVE-2022-23048 affects Exponent CMS 2.6.0patch2. An authenticated admin can upload a ZIP extension containing a PHP file; the file is written to the server under themes/simpletheme/{rce}.php and can be accessed to execute commands. This is a post-auth file upload vulnerability enabling remote cod...

7.2CVSS7AI score0.02074EPSS
CVE
CVE
added 2022/02/09 10:3 p.m.118 views

CVE-2022-23049

Exponent CMS 2.6.0patch2 is affected by a vulnerability where an authenticated user can inject persistent JavaScript in the User-Agent header at login. When an administrator visits the User Sessions tab, the injected script is executed, enabling session compromise of the administrator. The availa...

5.4CVSS5.4AI score0.03033EPSS
CVE
CVE
added 2014/02/11 5:0 p.m.106 views

CVE-2013-3294

CVE-2013-3294 and CVE-2013-3295 affect Exponent CMS, with multiple vulnerabilities in 2.2.0 beta3 and earlier: CVE-2013-3294 is a SQL Injection in index.php via src and username parameters, exploitable remotely; CVE-2013-3295 is a PHP File Inclusion via install/popup.php?page parameter, enabling ...

7.5CVSS8.5AI score0.02452EPSS
CVE
CVE
added 2022/02/09 10:3 p.m.83 views

CVE-2022-23047

Exponent CMS 2.6.0patch2 is affected: an authenticated admin can inject persistent JavaScript into the Site/Organization Name, Site Title, and Site Header when updating settings via /exponentcms/administration/configure_site. Several connected sources describe this as a cross-site scripting issue...

4.8CVSS5.1AI score0.02936EPSS
Web
CVE
CVE
added 2020/12/31 2:10 a.m.81 views

CVE-2016-9022

Exponent CMS prior to 2.6.0 contains an input validation flaw in usersController.php. The issue, caused by improper input validation, affects Exponent CMS versions before 2.6.0. Public references indicate a high-severity impact with access via network (per CVSS v2) and a critical impact profile (...

9.8CVSS9.4AI score0.01275EPSS
CVE
CVE
added 2020/12/31 2:12 a.m.80 views

CVE-2016-9026

CVE-2016-9026 affects Exponent CMS prior to 2.6.0, where improper input validation in fileController.php creates a vulnerability in the CMS. Multiple connected sources confirm the issue exists in Exponent CMS before 2.6.0; the problem is tied to fileController.php input handling. The exploitation...

9.8CVSS9.4AI score0.01275EPSS
CVE
CVE
added 2020/12/31 2:13 a.m.78 views

CVE-2016-9023

CVE-2016-9023 affects Exponent CMS prior to 2.6.0, attributing the issue to improper input validation in cron/find_help.php. Multiple sources (NVD, Red Hat advisory, CNVD, OSV) corroborate this vulnerability in Exponent CMS versions before 2.6.0. The NVD metrics indicate a high/critical impact (C...

9.8CVSS9.4AI score0.01249EPSS
CVE
CVE
added 2020/12/31 2:11 a.m.75 views

CVE-2016-9025

CVE-2016-9025 affects Exponent CMS prior to 2.6.0 due to improper input validation in purchaseOrderController.php. The vulnerability exposes high-impact risks on confidentiality, integrity, and availability (CVSS v3.1: Network, NONE user interaction, C/H/I/H). Public references confirm the issue ...

9.8CVSS9.4AI score0.01249EPSS
CVE
CVE
added 2020/12/31 2:9 a.m.74 views

CVE-2016-9021

CVE-2016-9021 affects Exponent CMS prior to 2.6.0, with a vulnerability in the input validation of storeController.php. The Red Hat, NVD, OSV, CNVD, and other references corroborate that the issue lies in improper input validation, leading to high-severity impact (CVSSv3.1: CRITICAL; CVSSv2: HIGH...

9.8CVSS9.4AI score0.01275EPSS
CVE
CVE
added 2017/02/07 3:0 p.m.64 views

CVE-2016-7400

Exponent CMS before 2.4.0 is affected by multiple SQL injection vulnerabilities (parameters: id in activate_address, title in show blog, content_id in showComments expComment) that allow remote attackers to execute arbitrary SQL. Official fix released in version 2.4.0; upgrade to 2.4.0 or apply v...

9.8CVSS10AI score0.04651EPSS
CVE
CVE
added 2014/12/30 2:0 a.m.60 views

CVE-2013-3295

Vulnerability overview (CVE-2013-3295) : Exponent CMS prior to 2.2.0 RC1 contains a PHP File Inclusion/Directory Traversal flaw in the install/popup.php script. The vulnerability arises from improper handling of the page parameter, allowing remote unauthenticated attackers to traverse the local f...

7.5CVSS7.1AI score0.01833EPSS
CVE
CVE
added 2019/05/24 4:11 p.m.58 views

CVE-2016-8900

Exponent CMS 2.3.9 is affected by an Object Injection vulnerability in framework/modules/core/controllers/expTagController.php (change_tags). The issue is documented across multiple sources (NVD, RH, CVE lists, etc.) under CVE-2016-8900. According to the NVD entry, the vulnerability has a base sc...

9.8CVSS9.4AI score0.02115EPSS
CVE
CVE
added 2017/01/18 5:0 p.m.56 views

CVE-2015-8684

CVE-2015-8684 affects Exponent CMS prior to 2.3.7. The flaw arises from insufficiently restricting upload file types, enabling an attacker to upload an HTML file and trigger cross-site scripting via the elFinder functionality. Impact described as remote XSS and possibly other unspecified effects....

6.1CVSS6.2AI score0.01223EPSS
CVE
CVE
added 2017/02/06 3:0 p.m.56 views

CVE-2017-5879

CVE-2017-5879 affects Exponent CMS 2.4.1. The issue is a blind SQL injection in the file/source_selector.php, targeting the src parameter, that can be exploited by unauthenticated users via an HTTP GET request and may allow dumping of database data to a malicious server using an out-of-band techn...

9.8CVSS9.7AI score0.01908EPSS
CVE
CVE
added 2019/05/24 4:20 p.m.54 views

CVE-2016-8898

Summary: CVE-2016-8898 affects Exponent CMS 2.3.9, with a SQL injection vulnerability in framework/modules/ecommerce/controllers/cartController.php. The issue is a database-level injection vulnerability in that cart controller path. The NVD entry lists a high/critical impact profile (CVSS v2: HIG...

9.8CVSS9.5AI score0.01789EPSS
CVE
CVE
added 2016/11/04 10:0 a.m.53 views

CVE-2016-9182

Exponent CMS 2.4 is vulnerable to a permission-bypass flaw in its controller dispatch: PHP reflection treats method names as case-insensitive and undefined actions may run by default. An attacker can use a capitalized method name (e.g., action=Preview) to bypass checks that would deny access with...

7.5CVSS8.1AI score0.01406EPSS
CVE
CVE
added 2019/05/23 6:21 p.m.52 views

CVE-2016-8897

CVE-2016-8897 affects Exponent CMS version 2.3.9, with a SQL injection vulnerability in framework/modules/help/controllers/helpController.php. The issue is described across multiple feeds (NVD, RH, OSV, CNVD, CVE lists) as a SQL injection in that PHP file, but the provided documents do not specif...

9.8CVSS9.5AI score0.01789EPSS
CVE
CVE
added 2017/04/24 2:0 p.m.52 views

CVE-2017-8085

Exponent CMS vulnerable before 2.4.1 Patch #5 due to an XSS flaw in elFinder (framework/modules/file/connector/elfinder.php). The issue affects Exponent CMS versions prior to 2.4.1 Patch #5; patch 2.4.1 Patch #5 fixes the vulnerability. The connected sources describe the vulnerability as a cross-...

6.1CVSS5.9AI score0.01147EPSS
CVE
CVE
added 2018/03/04 2:0 a.m.51 views

CVE-2017-18213

CVE-2017-18213 affects Exponent CMS prior to 2.4.1 Patch #6. The vulnerability allows certain admin users to elevate their privileges, constituting a privilege-escalation issue. The CVSS metrics in the provided sources indicate a high impact (CONFIDENTIALITY, INTEGRITY, and AVAILABILITY affected;...

7.2CVSS7AI score0.01402EPSS
CVE
CVE
added 2023/02/17 12:0 a.m.51 views

CVE-2021-32441

The CVE-2021-32441 issue affects Exponent-CMS, specifically the expConfig.selectValue path in version 2.6.0. The vulnerability is a SQL Injection that can lead to disclosure of sensitive information. The public records consistently identify the fix as upgrading to version 2.7.0. There is no expli...

7.5CVSS7.9AI score0.00595EPSS
CVE
CVE
added 2011/11/01 10:0 p.m.50 views

CVE-2010-5002

CVE-2010-5002: Exponent CMS 0.97.0 is affected by a Cross-Site Scripting (XSS) vulnerability in modules/slideshowmodule/slideshow.js.php, exploitable via the u parameter to inject arbitrary script/HTML. The NVD entry lists a 4.3 base score (Medium) with network access, no confidentiality/availabi...

4.3CVSS5.9AI score0.0173EPSS
CVE
CVE
added 2017/03/07 4:0 p.m.50 views

CVE-2016-9087

CVE-2016-9087 affects Exponent CMS 2.3.9 and earlier, with a SQL injection vulnerability in framework/modules/filedownloads/controllers/filedownloadController.php via the fileid parameter. Multiple connected sources describe the vulnerability across CVSS metrics: CVSS v2 base 7.5 (P/C/I/A partial...

9.8CVSS10AI score0.02225EPSS
CVE
CVE
added 2016/11/11 10:0 p.m.49 views

CVE-2016-9283

CVE-2016-9283 affects Exponent CMS v2.4.0 and is due to an SQL injection in framework/core/subsystems/expRouter.php, enabling remote attackers to read database information via address/addContentToSearch/id/ and a trailing string related to the sef URL mechanism. Multiple feeds (NVD entry, CNVD/CV...

7.5CVSS8.2AI score0.01696EPSS
CVE
CVE
added 2016/11/03 10:0 a.m.48 views

CVE-2016-7095

Exponent CMS prior to version 2.3.9 is vulnerable to an attacker uploading a malicious script file via redirection to place it in an unprotected folder that allows script execution. This affects Exponent CMS 2.3.x and earlier components handling file uploads; impact includes potential code execut...

9.8CVSS9.4AI score0.02276EPSS
CVE
CVE
added 2016/11/03 10:0 a.m.48 views

CVE-2016-7453

CVE-2016-7453 affects Exponent CMS prior to v2.3.9 patch 2, due to SQL injection in the Pixidou Image Editor component. The vulnerability arises from inadequate input filtering in the editor module, enabling an attacker to perform an SQL injection that could compromise the application and its dat...

9.8CVSS9.6AI score0.0149EPSS
CVE
CVE
added 2017/03/07 4:0 p.m.48 views

CVE-2016-7780

CVE-2016-7780 affects Exponent CMS up to version 2.3.9. The vulnerability is a SQL injection in cron/find_help.php where the version parameter can be controlled to execute arbitrary SQL commands. Mitigation/repair exists in the project; a fix is provided in the Exponent CMS repository (commit a8e...

9.8CVSS10AI score0.02567EPSS
CVE
CVE
added 2019/05/23 6:18 p.m.48 views

CVE-2016-8899

CVE-2016-8899 affects Exponent CMS version 2.3.9 and involves an Object Injection vulnerability in the file framework/modules/core/controllers/expCatController.php, related to change_cats. The available documents identify the affected product and component and confirm the root cause as object inj...

9.8CVSS9.4AI score0.02115EPSS
Web
CVE
CVE
added 2016/11/03 10:0 a.m.48 views

CVE-2016-9134

Exponent CMS 2.3.9 suffers from a SQL injection in the file /expPaginator.php via the order parameter, leading to potential information disclosure. Documented across multiple sources (NVD, CNVD, OSV, CVE record). Root cause: unsafely interpolated input in a query. Impact: Information Disclosure. ...

7.5CVSS7.8AI score0.0204EPSS
CVE
CVE
added 2017/03/07 4:0 p.m.47 views

CVE-2016-7781

Exponent CMS prior to 2.4.0 is affected by a SQL injection in the blog module: in blogController.php the author parameter is used unsafely. Root cause: $this->params['author'] is not escaped, enabling time-based blind SQL injection. A fix is available in the repository commit fdafb5ec97838e4ed...

9.8CVSS10AI score0.02567EPSS
CVE
CVE
added 2017/01/12 10:0 p.m.47 views

CVE-2016-7791

Exponent CMS 2.3.9 is affected by CVE-2016-7791, a remote code execution vulnerability in /install/index.php. An attacker can upload a crafted exploit.tar.gz and trigger extraction via /install/index.php?install_sample=../../files/exploit, leading to arbitrary code execution. NVD lists CVSSv2 bas...

9.8CVSS9.9AI score0.03935EPSS
CVE
CVE
added 2017/03/07 4:0 p.m.47 views

CVE-2016-9020

Summary of CVE-2016-9020 : Exponent CMS up to version 2.3.9 contains a SQL injection in the helpController.php (framework/modules/help/controllers/helpController.php) that allows an attacker to inject via the version parameter and potentially execute arbitrary SQL. Public sources (NVD/OpenVAS and...

9.8CVSS10AI score0.0308EPSS
CVE
CVE
added 2016/11/03 10:0 a.m.47 views

CVE-2016-9135

Exponent CMS 2.3.9 is affected by a SQL injection in /framework/modules/help/controllers/helpController.php (version parameter). Root cause: improper handling of the version parameter leading to information disclosure. Evidence across NVD/CNVD/OSVLINE shows the same vulnerability; exploitation de...

7.5CVSS7.8AI score0.01763EPSS
CVE
CVE
added 2016/11/04 10:0 a.m.47 views

CVE-2016-9183

The CVE-2016-9183 entry concerns Exponent CMS 2.4.0, where /framework/modules/ecommerce/controllers/orderController.php passes untrusted input to selectObjectsBySql in the mysqli_database class. The injectProof filter intended to prevent SQL injection can be bypassed, depending on the presence of...

7.5CVSS8.2AI score0.01827EPSS
CVE
CVE
added 2015/02/19 3:0 p.m.46 views

CVE-2014-8690

Exponent CMS suffers multiple XSS vulnerabilities (CVE-2014-8690) in versions before 2.1.4 patch 6, 2.2.x before 2.2.3 patch 9, and 2.3.x before 2.3.1 patch 4. attacker-controlled input via PATH_INFO, index.php none action src parameter, or the First Name/Last Name fields in users/edituser can in...

4.3CVSS5.7AI score0.03954EPSS
CVE
CVE
added 2017/01/23 9:0 p.m.46 views

CVE-2016-2242

Exponent CMS 2.x before 2.3.7 Patch 3 is vulnerable to remote code execution via the sc parameter to install/index.php. The HTBridge advisory details that an unauthenticated attacker can inject PHP code into /framework/conf/config.php, gaining arbitrary command execution with the web server, and ...

10CVSS9.8AI score0.06636EPSS
CVE
CVE
added 2017/03/07 4:0 p.m.46 views

CVE-2016-7782

CVE-2016-7782 is an SQL injection vulnerability in Exponent CMS 2.3.9 and earlier, exploitable via the src parameter in framework/core/models/expConfig.php. The connected sources indicate that $this->location_data can be controlled/injected, enabling time-based SQL injection and arbitrary SQL ...

9.8CVSS10AI score0.02567EPSS
CVE
CVE
added 2017/03/07 4:0 p.m.46 views

CVE-2016-7783

CVE-2016-7783 is a SQL injection vulnerability affecting Exponent CMS 2.3.9 and earlier, exploitable via the title parameter in framework/core/models/expRecord.php. The issue allows remote attackers to execute arbitrary SQL commands. In NVD, the CVSS2 base score is 7.5 (HIGH) and the CVSS3 vector...

9.8CVSS10AI score0.02567EPSS
CVE
CVE
added 2017/03/07 4:0 p.m.46 views

CVE-2016-7788

CVE-2016-7788 - Exponent CMS : A SQL injection in framework/modules/users/models/user.php affects Exponent CMS 2.3.9 and earlier, allowing remote attackers to execute arbitrary SQL via the username parameter. OpenVAS aggregates this under “Exponent CMS

9.8CVSS10AI score0.02567EPSS
CVE
CVE
added 2017/03/07 4:0 p.m.46 views

CVE-2016-9019

CVE-2016-9019 describes a SQL injection in Exponent CMS up to version 2.3.9 in the activate_address function (framework/modules/addressbook/controllers/addressController.php) where the is_what parameter can be manipulated to execute arbitrary SQL. Public sources in the connected documents confirm...

9.8CVSS10AI score0.03302EPSS
CVE
CVE
added 2016/11/11 10:0 p.m.46 views

CVE-2016-9286

The CVE-2016-9286 issue affects Exponent CMS v2.4.0patch1, specifically the framework/modules/users/controllers/usersController.php component. The root cause is improper access controls that allow remote attackers to read user address information, demonstrated via address/show/id/1. Multiple sour...

5.3CVSS5.2AI score0.01476EPSS
CVE
CVE
added 2017/04/22 1:0 a.m.46 views

CVE-2017-7991

Exponent CMS 2.4.1 and earlier is affected by a SQL injection in the api() function of framework/modules/eaas/controllers/eaasController.php. The root cause is lack of input validation on the apikey parameter, which is base64-encoded, URL-decoded, and unserialized (via expUnserialize) before furt...

9.8CVSS9.8AI score0.02109EPSS
CVE
CVE
added 2018/03/06 10:0 p.m.45 views

CVE-2016-7443

CVE-2016-7443 affects Exponent CMS, versions 2.3.0 to 2.3.9. The issue is a vulnerable file upload path that could allow a remote attacker to impact the system via uploading files to the wrong location. The vulnerability description is supported by multiple feeds and references, indicating a secu...

9.8CVSS9.5AI score0.02277EPSS
CVE
CVE
added 2016/11/11 10:0 p.m.45 views

CVE-2016-9282

The provided connected sources confirm CVE-2016-9282 affects Exponent CMS (version 2.4.0). A SQL injection vulnerability exists in framework/modules/search/controllers/searchController.php, exploitable via action=search&module=search with the search_string parameter, allowing remote attackers to ...

7.5CVSS8.2AI score0.01696EPSS
CVE
CVE
added 2017/08/28 3:0 p.m.44 views

CVE-2015-1177

Exponent CMS 2.3.2 is affected by a reflected cross-site scripting (XSS) vulnerability in index.php, exploitable via the src parameter in the search functionality. Technical details across sources show that an attacker can craft a URL containing malicious JavaScript (e.g., payloads like or onerr...

6.1CVSS6AI score0.01475EPSS
CVE
CVE
added 2017/02/13 6:0 p.m.44 views

CVE-2016-7565

Summary: CVE-2016-7565 affects Exponent CMS, specifically install/index.php in version 2.3.9, where remote command execution is possible via shell metacharacters in the sc array parameter. The vulnerability’s root cause is improper handling of shell metacharacters, enabling an attacker to execute...

9.8CVSS9.8AI score0.02264EPSS
CVE
CVE
added 2017/01/12 10:0 p.m.44 views

CVE-2016-7790

Exponent CMS 2.3.9 is affected by a remote code execution vulnerability in /install/index.php. An attacker can upload a PHP file via uploader_paste.php and then overwrite /framework/conf/config.php to achieve arbitrary code execution. This is enabled by the ability to place a crafted file on the ...

9.8CVSS9.9AI score0.03935EPSS
CVE
CVE
added 2017/01/18 5:0 p.m.43 views

CVE-2015-8667

CVE-2015-8667 affects Exponent CMS prior to 2.3.5. The vulnerability is a Cross-site Scripting (XSS) in the Reset Your Password module that allows injection of arbitrary script/HTML via the Username/Email field. Affected component: Reset Your Password workflow; root cause: insufficient sanitizati...

6.1CVSS6AI score0.01223EPSS
CVE
CVE
added 2017/03/07 4:0 p.m.43 views

CVE-2016-7789

Exponent CMS 2.3.9 and earlier is affected by a SQL injection in framework/core/models/expConfig.php, exploitable via the apikey parameter. The vulnerability allows remote attackers to execute arbitrary SQL commands; the NVD entry labels it high/critical with network access and no authentication ...

9.8CVSS10AI score0.02497EPSS
CVE
CVE
added 2016/11/03 10:0 a.m.42 views

CVE-2016-7452

Exponent CMS is affected by a directory traversal vulnerability in the Pixidou Image Editor component, tracked as CVE-2016-7452. The issue allows uploading a malicious file to any folder on the site via a cpi directory traversal vector, affecting Exponent CMS prior to v2.3.9 patch 2. The known re...

7.5CVSS7.8AI score0.01672EPSS
CVE
CVE
added 2016/11/11 11:0 p.m.42 views

CVE-2016-9288

CVE-2016-9288 affects Exponent CMS v2.4.0 or older, where the parameter target in DragnDropReRank is used without filtration in framework/modules/navigation/controllers/navigationController.php, enabling SQL injection. The vulnerability is described consistently across sources (NVD entry and CNVD...

9.8CVSS9.8AI score0.01489EPSS
Total number of security vulnerabilities59