CVE-2016-7783

CVE-2016-7783

EPSS 2.6%

SQL injection vulnerability in framework/core/models/expRecord.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the title parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://packetstormsecurity.com/files/139484/Exponent-CMS-2.3.9-SQL-Injection.html http://seclists.org/fulldisclosure/2016/Nov/12 http://www.securityfocus.com/bid/97212