Vulnerabilities > Exponentcms > Exponent CMS > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-02-09 CVE-2022-23048 Unrestricted Upload of File with Dangerous Type vulnerability in Exponentcms Exponent CMS 2.6.0
Exponent CMS 2.6.0patch2 allows an authenticated admin user to upload a malicious extension in the format of a ZIP file with a PHP file inside it.
network
low complexity
exponentcms CWE-434
6.5
2018-03-04 CVE-2017-18213 Unspecified vulnerability in Exponentcms Exponent CMS
In Exponent CMS before 2.4.1 Patch #6, certain admin users can elevate their privileges.
network
low complexity
exponentcms
6.5
2017-08-28 CVE-2015-1177 Cross-site Scripting vulnerability in Exponentcms Exponent CMS 2.3.2
Cross-site scripting (XSS) vulnerability in Exponent CMS 2.3.2.
4.3
2017-04-24 CVE-2017-8085 Cross-site Scripting vulnerability in Exponentcms Exponent CMS 2.3.0/2.3.1
In Exponent CMS before 2.4.1 Patch #5, XSS in elFinder is possible in framework/modules/file/connector/elfinder.php.
4.3
2017-01-18 CVE-2015-8684 Cross-site Scripting vulnerability in Exponentcms Exponent CMS
Exponent CMS before 2.3.7 does not properly restrict the types of files that can be uploaded, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly have other unspecified impact as demonstrated by uploading a file with an .html extension, then accessing it via the elFinder functionality.
4.3
2017-01-18 CVE-2015-8667 Cross-site Scripting vulnerability in Exponentcms Exponent CMS
Cross-site scripting (XSS) vulnerability in Reset Your Password module in Exponent CMS before 2.3.5 allows remote attackers to inject arbitrary web script or HTML via the Username/Email.
4.3
2016-11-11 CVE-2016-9286 Information Exposure vulnerability in Exponentcms Exponent CMS 2.4.0
framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0patch1 does not properly restrict access to user records, which allows remote attackers to read address information, as demonstrated by an address/show/id/1 URI.
network
low complexity
exponentcms CWE-200
5.0
2016-11-11 CVE-2016-9285 Information Exposure vulnerability in Exponentcms Exponent CMS 2.4.0
framework/modules/addressbook/controllers/addressController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via a modified id number, as demonstrated by address/edit/id/1, related to an "addresses, countries, and regions" issue.
network
low complexity
exponentcms CWE-200
5.0
2016-11-11 CVE-2016-9284 Information Exposure vulnerability in Exponentcms Exponent CMS 2.4.0
getUsersByJSON in framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0 allows remote attackers to read user information via users/getUsersByJSON/sort/ and a trailing string.
network
low complexity
exponentcms CWE-200
5.0
2016-11-11 CVE-2016-9283 SQL Injection vulnerability in Exponentcms Exponent CMS 2.4.0
SQL Injection in framework/core/subsystems/expRouter.php in Exponent CMS v2.4.0 allows remote attackers to read database information via address/addContentToSearch/id/ and a trailing string, related to a "sef URL" issue.
network
low complexity
exponentcms CWE-89
5.0