SQL injection vulnerability in the activate_address function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and previous versions allows remote malicious users to execute arbitrary SQL commands via the is_what parameter.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
exponentcms exponent cms |