Exponent Cms@2.3.1 Security Vulnerabilities and Issues — Exponent Cms@2.3.1 CVE List

Lucene search

ExponentcmsExponent Cms2.3.1

2 matches found

cve•added 2015/02/19 3:59 p.m.•35 views

CVE-2014-8690

Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS before 2.1.4 patch 6, 2.2.x before 2.2.3 patch 9, and 2.3.x before 2.3.1 patch 4 allow remote attackers to inject arbitrary web script or HTML via the (1) PATH_INFO, the (2) src parameter in a none action to index.php, or the (3) "...

4.3CVSS5.7AI score0.11438EPSS

cve•added 2017/01/23 9:59 p.m.•33 views

CVE-2016-2242

Exponent CMS 2.x before 2.3.7 Patch 3 allows remote attackers to execute arbitrary code via the sc parameter to install/index.php.

10CVSS9.8AI score0.07813EPSS