| Max CVSS | 7.5 | Min CVSS | 7.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-9020 | 7.5 |
SQL injection vulnerability in framework/modules/help/controllers/helpController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter.
|
04-04-2017 - 01:59 | 07-03-2017 - 16:59 | |
| CVE-2016-9087 | 7.5 |
SQL injection vulnerability in framework/modules/filedownloads/controllers/filedownloadController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the fileid parameter.
|
04-04-2017 - 01:59 | 07-03-2017 - 16:59 | |
| CVE-2016-7788 | 7.5 |
SQL injection vulnerability in framework/modules/users/models/user.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter.
|
01-04-2017 - 01:59 | 07-03-2017 - 16:59 | |
| CVE-2016-7781 | 7.5 |
SQL injection vulnerability in framework/modules/blog/controllers/blogController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the author parameter.
|
31-03-2017 - 01:59 | 07-03-2017 - 16:59 |