Exponent Cms@2.1.4 Security Vulnerabilities and Issues — Exponent Cms@2.1.4 CVE List

Lucene search

ExponentcmsExponent Cms2.1.4

2 matches found

cve•added 2014/02/11 5:55 p.m.•92 views

CVE-2013-3294

Multiple SQL injection vulnerabilities in Exponent CMS before 2.2.0 release candidate 1 allow remote attackers to execute arbitrary SQL commands via the (1) src or (2) username parameter to index.php.

7.5CVSS8.5AI score0.01323EPSS

cve•added 2017/01/23 9:59 p.m.•33 views

CVE-2016-2242

Exponent CMS 2.x before 2.3.7 Patch 3 allows remote attackers to execute arbitrary code via the sc parameter to install/index.php.

10CVSS9.8AI score0.07813EPSS