Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
exponent exponent cms 0.96.3 vulnerabilities and exploits
(subscribe to this query)
645
VMScore
CVE-2006-4963
Directory traversal vulnerability in index.php in Exponent CMS 0.96.3 allows remote malicious users to read and execute arbitrary local files via a .. (dot dot) sequence in the view parameter in the show_view action in the calendarmodule module, as demonstrated by executing PHP c...
Exponent Exponent Cms 0.96.3
1 EDB exploit
440
VMScore
CVE-2007-2337
Multiple cross-site scripting (XSS) vulnerabilities in Exponent CMS 0.96.6 Alpha and previous versions allow remote malicious users to inject arbitrary web script or HTML via the (1) url parameter to (a) magpie_debug.php and (b) magpie_simple.php in external/magpierss/scripts/, t...
Oicgroup Exponent Cms 0.94
Oicgroup Exponent Cms
Oicgroup Exponent Cms 0.96.5
Oicgroup Exponent Cms 0.96.4
Oicgroup Exponent Cms 0.96.3
Oicgroup Exponent Cms 0.96.1
Oicgroup Exponent Cms 0.95
2 EDB exploits
383
VMScore
CVE-2008-1972
Multiple cross-site scripting (XSS) vulnerabilities in the user account creation feature in Exponent CMS 0.96.6-GA20071003 and previous versions, when the Allow Registration? configuration option is enabled, allow remote malicious users to inject arbitrary web script or HTML via ...
Oicgroup Exponent Cms
Oicgroup Exponent Cms 0.96.6
Oicgroup Exponent Cms 0.96.5
Oicgroup Exponent Cms 0.96.4
Oicgroup Exponent Cms 0.96.3
Oicgroup Exponent Cms 0.96.1
Oicgroup Exponent Cms 0.95
Oicgroup Exponent Cms 0.94
668
VMScore
CVE-2005-3765
Exponent CMS 0.96.3 and later versions performs a chmod on uploaded files to give them execute permissions, which allows remote malicious users to execute arbitrary code.
Exponent Exponent 0.94
Exponent Exponent 0.95
Exponent Exponent 0.96.1
Exponent Exponent 0.96.3
Exponent Exponent 0.96.4
445
VMScore
CVE-2005-3767
Exponent CMS 0.96.3 and later versions does not properly restrict the types of uploaded files, which allows remote malicious users to upload and execute PHP files.
Exponent Exponent 0.94
Exponent Exponent 0.95
Exponent Exponent 0.96.1
Exponent Exponent 0.96.3
Exponent Exponent 0.96.4
668
VMScore
CVE-2005-3762
SQL injection vulnerability in the navigation module (navigationmodule) in Exponent CMS 0.96.3 and later versions allows remote malicious users to execute arbitrary SQL commands via the parent parameter.
Exponent Exponent 0.94
Exponent Exponent 0.95
Exponent Exponent 0.96.1
Exponent Exponent 0.96.3
Exponent Exponent 0.96.4
890
VMScore
CVE-2005-3764
The image gallery (imagegallery) component in Exponent CMS 0.96.3 and later versions does not properly check the MIME type of uploaded files, with unknown impact from the preview icon, possibly involving injection of HTML.
Exponent Exponent 0.94
Exponent Exponent 0.95
Exponent Exponent 0.96.1
Exponent Exponent 0.96.4
Exponent Exponent 0.96.3
445
VMScore
CVE-2005-3766
Exponent CMS 0.96.3 and later versions stores sensitive user pages under the web document root with insufficient access control even though certain permissions are specified, which allows malicious users to access the pages by browsing uploaded files.
Exponent Exponent 0.96.3
Exponent Exponent 0.96.4
Exponent Exponent 0.95
Exponent Exponent 0.94
Exponent Exponent 0.96.1
445
VMScore
CVE-2005-3763
Exponent CMS 0.96.3 and later versions includes the full installation path in the base parameter to thumb.php, which allows remote malicious users to obtain sensitive information. NOTE: this might be resultant from an absolute path traversal vulnerability.
Exponent Exponent 0.95
Exponent Exponent 0.96.3
Exponent Exponent 0.94
Exponent Exponent 0.96.1
Exponent Exponent 0.96.4
383
VMScore
CVE-2005-3761
Cross-site scripting (XSS) vulnerability in Exponent CMS 0.96.3 and later versions allows remote malicious users to inject arbitrary web script or HTML via (1) Javascript in forms produced by the form generator or (2) the parameters to the installer.
Exponent Exponent 0.96.3
Exponent Exponent 0.94
Exponent Exponent 0.95
Exponent Exponent 0.96.1
Exponent Exponent 0.96.4
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4644
unprivileged
CVE-2024-3494
CVE-2024-22460
CVE-2024-26026
CVE-2024-23473
firewall
CVE-2024-28889
XML external entity
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started