Exponentcms: >> Exponent Cms >> 2.3.9 Security Vulnerabilities
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to perform an fid SQL Injection.
CVSS Score
9.8
EPSS Score
0.005
Published
2016-11-03
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal.
CVSS Score
7.5
EPSS Score
0.011
Published
2016-11-03
Page 4