5 matches found
CVE-2016-9022
Exponent CMS prior to 2.6.0 contains an input validation flaw in usersController.php. The issue, caused by improper input validation, affects Exponent CMS versions before 2.6.0. Public references indicate a high-severity impact with access via network (per CVSS v2) and a critical impact profile (...
CVE-2016-9026
CVE-2016-9026 affects Exponent CMS prior to 2.6.0, where improper input validation in fileController.php creates a vulnerability in the CMS. Multiple connected sources confirm the issue exists in Exponent CMS before 2.6.0; the problem is tied to fileController.php input handling. The exploitation...
CVE-2016-9023
CVE-2016-9023 affects Exponent CMS prior to 2.6.0, attributing the issue to improper input validation in cron/find_help.php. Multiple sources (NVD, Red Hat advisory, CNVD, OSV) corroborate this vulnerability in Exponent CMS versions before 2.6.0. The NVD metrics indicate a high/critical impact (C...
CVE-2016-9025
CVE-2016-9025 affects Exponent CMS prior to 2.6.0 due to improper input validation in purchaseOrderController.php. The vulnerability exposes high-impact risks on confidentiality, integrity, and availability (CVSS v3.1: Network, NONE user interaction, C/H/I/H). Public references confirm the issue ...
CVE-2016-9021
CVE-2016-9021 affects Exponent CMS prior to 2.6.0, with a vulnerability in the input validation of storeController.php. The Red Hat, NVD, OSV, CNVD, and other references corroborate that the issue lies in improper input validation, leading to high-severity impact (CVSSv3.1: CRITICAL; CVSSv2: HIGH...