Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

exponent exponent cms 0.96.1 vulnerabilities and exploits

(subscribe to this query)
10
CVSSv2
CVE-2006-1604
Unspecified vulnerability in Exponent CMS prior to 0.96.5 RC 1 has unknown impact and remote attack vectors related to variables that are not "typecasted."
Exponent Exponent Cms 0.94Exponent Exponent Cms 0.95Exponent Exponent Cms 0.96.1Exponent Exponent Cms 0.96.4
10
CVSSv2
CVE-2005-3764
The image gallery (imagegallery) component in Exponent CMS 0.96.3 and later versions does not properly check the MIME type of uploaded files, with unknown impact from the preview icon, possibly involving injection of HTML.
Exponent Exponent 0.94Exponent Exponent 0.95Exponent Exponent 0.96.1Exponent Exponent 0.96.4Exponent Exponent 0.96.3
7.5
CVSSv2
CVE-2006-1605
Unspecified vulnerability in the image module in Exponent CMS prior to 0.96.5 RC 1 allows remote malicious users to execute arbitrary code via unknown vectors involving "parsed PHP."
Exponent Exponent Cms 0.94Exponent Exponent Cms 0.96.4Exponent Exponent Cms 0.95Exponent Exponent Cms 0.96.1
7.5
CVSSv2
CVE-2006-1607
Unspecified vulnerability in the banner module in Exponent CMS prior to 0.96.5 RC 1 allows "php injection" via unknown attack vectors.
Exponent Exponent Cms 0.96.1Exponent Exponent Cms 0.96.4Exponent Exponent Cms 0.94Exponent Exponent Cms 0.95
7.5
CVSSv2
CVE-2005-3762
SQL injection vulnerability in the navigation module (navigationmodule) in Exponent CMS 0.96.3 and later versions allows remote malicious users to execute arbitrary SQL commands via the parent parameter.
Exponent Exponent 0.94Exponent Exponent 0.95Exponent Exponent 0.96.1Exponent Exponent 0.96.3Exponent Exponent 0.96.4
7.5
CVSSv2
CVE-2005-3765
Exponent CMS 0.96.3 and later versions performs a chmod on uploaded files to give them execute permissions, which allows remote malicious users to execute arbitrary code.
Exponent Exponent 0.94Exponent Exponent 0.95Exponent Exponent 0.96.1Exponent Exponent 0.96.3Exponent Exponent 0.96.4
5
CVSSv2
CVE-2006-1606
Unspecified vulnerability in the image module in Exponent CMS prior to 0.96.5 RC 1 allows "directory disclosure" with unknown attack vectors.
Exponent Exponent Cms 0.96.1Exponent Exponent Cms 0.96.4Exponent Exponent Cms 0.94Exponent Exponent Cms 0.95
5
CVSSv2
CVE-2005-3763
Exponent CMS 0.96.3 and later versions includes the full installation path in the base parameter to thumb.php, which allows remote malicious users to obtain sensitive information. NOTE: this might be resultant from an absolute path traversal vulnerability.
Exponent Exponent 0.95Exponent Exponent 0.96.3Exponent Exponent 0.94Exponent Exponent 0.96.1Exponent Exponent 0.96.4
5
CVSSv2
CVE-2005-3766
Exponent CMS 0.96.3 and later versions stores sensitive user pages under the web document root with insufficient access control even though certain permissions are specified, which allows malicious users to access the pages by browsing uploaded files.
Exponent Exponent 0.96.3Exponent Exponent 0.96.4Exponent Exponent 0.95Exponent Exponent 0.94Exponent Exponent 0.96.1
5
CVSSv2
CVE-2005-3767
Exponent CMS 0.96.3 and later versions does not properly restrict the types of uploaded files, which allows remote malicious users to upload and execute PHP files.
Exponent Exponent 0.94Exponent Exponent 0.95Exponent Exponent 0.96.1Exponent Exponent 0.96.3Exponent Exponent 0.96.4
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
validationCVE-2012-1823malicious code‎CVE-2024-5770CVE-2023-45866CVE-2024-35687local usersCVE-2024-31246CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook