Vulnerability Details CVE-2007-2253
Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtain path information via a direct request for (1) sdk/blanks/formcontrol.php and (2) sdk/blanks/file_modules.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 54.3%
CVSS Severity
CVSS v2 Score 5.0
References
- http://osvdb.org/38842
- http://osvdb.org/38843
- http://www.bugtraq.ir/articles/advisory/exponent_multiple_vulnerabilities/10
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33937
- http://osvdb.org/38842
- http://osvdb.org/38843
- http://www.bugtraq.ir/articles/advisory/exponent_multiple_vulnerabilities/10
- https://exchange.xforce.ibmcloud.com/vulnerabilities/33937
Products affected by CVE-2007-2253
-
cpe:2.3:a:exponent:exponent_cms:*