SecuritySpace - CVE-2016-7790

Vulnerability Search		Search 324607 CVE descriptions and 145615 test descriptions, access 10,000+ cross references.
	Tests CVE All

CVE ID: CVE-2016-7790

Description: Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload 'php' file to the website through uploader_paste.php, then overwrite /framework/conf/config.php, which leads to arbitrary code execution.

Test IDs: None available

Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2016-7790
BugTraq ID: 93119
http://www.securityfocus.com/bid/93119
http://www.openwall.com/lists/oss-security/2016/09/22/6

CVE ID:	CVE-2016-7790
Description:	Exponent CMS 2.3.9 suffers from a remote code execution vulnerability in /install/index.php. An attacker can upload 'php' file to the website through uploader_paste.php, then overwrite /framework/conf/config.php, which leads to arbitrary code execution.
Test IDs:	None available
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2016-7790 BugTraq ID: 93119 http://www.securityfocus.com/bid/93119 http://www.openwall.com/lists/oss-security/2016/09/22/6