Aggregates CVE and security vulnerability intelligence across all Exponent CMS-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting, vendor risk path handling, and vendor risk input validation and related problems; some flaws may lead to vendor impact session compromise.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2016-9087 | SQL injection vulnerability in framework/modules/filedownloads/controllers/filedownloadController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the fileid parameter. | [email protected] | 9.8 | 2.23% | 2017-03-07 | 2026-06-16 |
| CVE-2016-9020 | SQL injection vulnerability in framework/modules/help/controllers/helpController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. | [email protected] | 9.8 | 3.08% | 2017-03-07 | 2026-06-16 |
| CVE-2016-9019 | SQL injection vulnerability in the activate_address function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the is_what parameter. | [email protected] | 9.8 | 3.30% | 2017-03-07 | 2026-06-16 |
| CVE-2016-7789 | SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the apikey parameter. | [email protected] | 9.8 | 2.50% | 2017-03-07 | 2026-06-16 |
| CVE-2016-7788 | SQL injection vulnerability in framework/modules/users/models/user.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the username parameter. | [email protected] | 9.8 | 2.57% | 2017-03-07 | 2026-06-16 |
| CVE-2016-7784 | SQL injection vulnerability in the getSection function in framework/core/subsystems/expRouter.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter. | [email protected] | 9.8 | 2.57% | 2017-03-07 | 2026-06-16 |
| CVE-2016-7783 | SQL injection vulnerability in framework/core/models/expRecord.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter. | [email protected] | 9.8 | 2.57% | 2017-03-07 | 2026-06-16 |
| CVE-2016-7782 | SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the src parameter. | [email protected] | 9.8 | 2.57% | 2017-03-07 | 2026-06-16 |
| CVE-2016-7781 | SQL injection vulnerability in framework/modules/blog/controllers/blogController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the author parameter. | [email protected] | 9.8 | 2.57% | 2017-03-07 | 2026-06-16 |
| CVE-2016-7780 | SQL injection vulnerability in cron/find_help.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the version parameter. | [email protected] | 9.8 | 2.57% | 2017-03-07 | 2026-06-16 |
| CVE-2016-7565 | install/index.php in Exponent CMS 2.3.9 allows remote attackers to execute arbitrary commands via shell metacharacters in the sc array parameter. | [email protected] | 9.8 | 2.26% | 2017-02-13 | 2026-06-16 |
| CVE-2016-7400 | Multiple SQL injection vulnerabilities in Exponent CMS before 2.4.0 allow remote attackers to execute arbitrary SQL commands via the (1) id parameter in an activate_address address controller action, (2) title parameter in a show blog controller action, or (3) content_id parameter in a showComments expComment controller action. | [email protected] | 9.8 | 4.65% | 2017-02-07 | 2026-06-16 |
| CVE-2017-5879 | An issue was discovered in Exponent CMS 2.4.1. This is a blind SQL injection that can be exploited by un-authenticated users via an HTTP GET request and which can be used to dump database data out to a malicious server, using an out-of-band technique, such as select_loadfile(). The vulnerability affects source_selector.php and the following parameter: src. | [email protected] | 9.8 | 1.91% | 2017-02-06 | 2026-06-16 |
| CVE-2016-2242 | Exponent CMS 2.x before 2.3.7 Patch 3 allows remote attackers to execute arbitrary code via the sc parameter to install/index.php. | [email protected] | 9.8 | 6.64% | 2017-01-23 | 2026-06-16 |
| CVE-2015-8684 | Exponent CMS before 2.3.7 does not properly restrict the types of files that can be uploaded, which allows remote attackers to conduct cross-site scripting (XSS) attacks and possibly have other unspecified impact as demonstrated by uploading a file with an .html extension, then accessing it via the elFinder functionality. | [email protected] | 6.1 | 1.22% | 2017-01-18 | 2026-06-16 |
| CVE-2015-8667 | Cross-site scripting (XSS) vulnerability in Reset Your Password module in Exponent CMS before 2.3.5 allows remote attackers to inject arbitrary web script or HTML via the Username/Email. | [email protected] | 6.1 | 1.22% | 2017-01-18 | 2026-06-16 |
| CVE-2016-7791 | Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload an evil 'exploit.tar.gz' file to the website, then extract it by visiting '/install/index.php?install_sample=../../files/exploit', which leads to arbitrary code execution. | [email protected] | 9.8 | 3.90% | 2017-01-12 | 2026-06-16 |
| CVE-2016-7790 | Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload 'php' file to the website through uploader_paste.php, then overwrite /framework/conf/config.php, which leads to arbitrary code execution. | [email protected] | 9.8 | 3.90% | 2017-01-12 | 2026-06-16 |
| CVE-2016-9481 | In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id input is passed into showComments. The method showComments is defined in the expCommentControllercontroller with the parameter '$this->params['content_id']' used directly in SQL. Impact is a SQL injection. | [email protected] | 9.8 | 1.76% | 2016-11-29 | 2026-06-16 |
| CVE-2016-9287 | In /framework/modules/notfound/controllers/notfoundController.php of Exponent CMS 2.4.0 patch1, untrusted input is passed into getSearchResults. The method getSearchResults is defined in the search model with the parameter '$term' used directly in SQL. Impact is a SQL injection. | [email protected] | 9.8 | 1.49% | 2016-11-15 | 2026-06-16 |