 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| Test ID: | 1.3.6.1.4.1.25623.1.0.809728 |
| Category: | Web application abuses |
| Title: | Exponent CMS <= 2.4.0 Information Disclosure and SQLi Vulnerabilities |
| Summary: | Exponent CMS is prone to an SQL injection (SQLi) and an; information disclosure vulnerability. |
| Description: | Summary: Exponent CMS is prone to an SQL injection (SQLi) and an information disclosure vulnerability. Vulnerability Insight: Multiple flaws are due to: - An error in 'getUsersByJSON' of the framework/modules/users/controllers/usersController.php script. - An error in the framework/modules/addressbook/controllers/addressController.php script while passing input via modified id number. - An input passed via 'search_string' parameter to the framework/modules/search/controllers/searchController.php script is not validated properly. - An error in the framework/core/subsystems/expRouter.php script allowing to read database information via address/addContentToSearch/id/ and a trailing string. - Input passed via 'content_type' and 'subtype' parameter to the framework/modules/core/controllers/expRatingController.php script is not validated properly. - Insufficient sanitization of input passed via 'selectObjectsBySql' to the /framework/modules/ecommerce/controllers/orderController.php script. - Insufficient validation of input passed to the /framework/modules/core/controllers/expHTMLEditorController.php script. - Exponent CMS permits undefined actions to execute by default. - Input passed via 'content_id' parameter into showComments within the framework/modules/core/controllers/expCommentController.php script is not sanitized properly. Vulnerability Impact: Successful exploitation will allow remote attackers to gain access to potentially sensitive information and execute arbitrary SQL commands. Affected Software/OS: Exponent CMS version 2.4.0 and prior. Solution: Update to the latest release version. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P |
| Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2016-9284 BugTraq ID: 94296 http://www.securityfocus.com/bid/94296 http://www.securitytracker.com/id/1037281 Common Vulnerability Exposure (CVE) ID: CVE-2016-9285 Common Vulnerability Exposure (CVE) ID: CVE-2016-9282 Common Vulnerability Exposure (CVE) ID: CVE-2016-9283 Common Vulnerability Exposure (CVE) ID: CVE-2016-9242 BugTraq ID: 94194 http://www.securityfocus.com/bid/94194 Common Vulnerability Exposure (CVE) ID: CVE-2016-9183 BugTraq ID: 94227 http://www.securityfocus.com/bid/94227 Common Vulnerability Exposure (CVE) ID: CVE-2016-9184 Common Vulnerability Exposure (CVE) ID: CVE-2016-9182 Common Vulnerability Exposure (CVE) ID: CVE-2016-9481 BugTraq ID: 94590 http://www.securityfocus.com/bid/94590 http://www.pang0lin.com/?p=1076 http://www.securitytracker.com/id/1037368 |
| Copyright | Copyright (C) 2016 Greenbone AG |
| This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below. |