📦 Exponent Cms

CVE-2016-9021 is an improper input validation vulnerability in Exponent CMS's storeController.php that allows attackers to execute arbitrary code. This affects all Exponent CMS installations before ve...

CVE-2016-9023 is an improper input validation vulnerability in Exponent CMS's cron/find_help.php script that allows remote attackers to execute arbitrary code. This affects all Exponent CMS installati...

CVE-2016-9026 is an improper input validation vulnerability in Exponent CMS's fileController.php that allows attackers to execute arbitrary code on affected systems. This affects all Exponent CMS inst...

This SQL injection vulnerability in Exponent-CMS v2.6.0 allows attackers to execute arbitrary SQL commands via the selectValue function in the expConfig class. Attackers can potentially access, modify...

This vulnerability allows authenticated admin users in Exponent CMS to upload malicious ZIP files containing PHP scripts, which are then extracted to a web-accessible directory enabling remote code ex...