Exponentcms: >> Exponent Cms >> 2.3.9 Security Vulnerabilities
Exponent CMS before 2.6.0 has improper input validation in storeController.php.
CVSS Score
9.8
EPSS Score
0.006
Published
2020-12-31
Exponent CMS before 2.6.0 has improper input validation in usersController.php.
CVSS Score
9.8
EPSS Score
0.006
Published
2020-12-31
Exponent CMS before 2.6.0 has improper input validation in cron/find_help.php.
CVSS Score
9.8
EPSS Score
0.006
Published
2020-12-31
Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php.
CVSS Score
9.8
EPSS Score
0.006
Published
2020-12-31
Exponent CMS before 2.6.0 has improper input validation in fileController.php.
CVSS Score
9.8
EPSS Score
0.006
Published
2020-12-31
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/ecommerce/controllers/cartController.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-05-24
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expTagController.php related to change_tags.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-05-24
Exponent CMS version 2.3.9 suffers from a sql injection vulnerability in framework/modules/help/controllers/helpController.php.
CVSS Score
9.8
EPSS Score
0.003
Published
2019-05-23
Exponent CMS version 2.3.9 suffers from a Object Injection vulnerability in framework/modules/core/controllers/expCatController.php related to change_cats.
CVSS Score
9.8
EPSS Score
0.005
Published
2019-05-23
Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location."
CVSS Score
9.8
EPSS Score
0.009
Published
2018-03-07
Page 1