ExpressionEngine version 2.x < 2.11.8 and version 3.x < 3.5.5 create an object signing token with weak entropy. Successfully guessing the token can lead to remote code execution.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
expressionengine expressionengine 3.5.1 |
||
expressionengine expressionengine 3.4.7 |
||
expressionengine expressionengine 3.4.0 |
||
expressionengine expressionengine 3.3.3 |
||
expressionengine expressionengine 3.1.3 |
||
expressionengine expressionengine 3.1.1 |
||
expressionengine expressionengine 3.0.3 |
||
expressionengine expressionengine 3.0.1 |
||
expressionengine expressionengine 2.11.2 |
||
expressionengine expressionengine 2.11.0 |
||
expressionengine expressionengine 2.9.1 |
||
expressionengine expressionengine 2.8.1 |
||
expressionengine expressionengine 2.7.0 |
||
expressionengine expressionengine 3.4.5 |
||
expressionengine expressionengine 3.4.4 |
||
expressionengine expressionengine 3.4.3 |
||
expressionengine expressionengine 3.4.2 |
||
expressionengine expressionengine 3.1.0 |
||
expressionengine expressionengine 3.0.6 |
||
expressionengine expressionengine 3.0.5 |
||
expressionengine expressionengine 3.0.4 |
||
expressionengine expressionengine 2.10.2 |
||
expressionengine expressionengine 2.10.1 |
||
expressionengine expressionengine 2.10.0 |
||
expressionengine expressionengine 2.9.3 |
||
expressionengine expressionengine 2.5.4 |
||
expressionengine expressionengine 2.5.3 |
||
expressionengine expressionengine 2.5.2 |
||
expressionengine expressionengine 2.5.1 |
||
expressionengine expressionengine 2.5.0 |
||
expressionengine expressionengine 2.0.1 |
||
expressionengine expressionengine 2.0.2 |
||
expressionengine expressionengine 2.0.0 |
||
expressionengine expressionengine 2.6.0 |
||
expressionengine expressionengine 2.4.0 |
||
expressionengine expressionengine 2.3.0 |
||
expressionengine expressionengine 2.1.2 |
||
expressionengine expressionengine 2.1.0 |
||
expressionengine expressionengine 3.5.4 |
||
expressionengine expressionengine 3.5.3 |
||
expressionengine expressionengine 3.5.2 |
||
expressionengine expressionengine 3.3.1 |
||
expressionengine expressionengine 3.3.0 |
||
expressionengine expressionengine 3.2.1 |
||
expressionengine expressionengine 3.2.0 |
||
expressionengine expressionengine 2.11.7 |
||
expressionengine expressionengine 2.11.6 |
||
expressionengine expressionengine 2.11.5 |
||
expressionengine expressionengine 2.11.4 |
||
expressionengine expressionengine 2.11.3 |
||
expressionengine expressionengine 2.8.0 |
||
expressionengine expressionengine 2.7.3 |
||
expressionengine expressionengine 2.7.2 |
||
expressionengine expressionengine 2.7.1 |
||
expressionengine expressionengine 2.2.1 |
||
expressionengine expressionengine 2.2.0 |
||
expressionengine expressionengine 2.1.5 |
||
expressionengine expressionengine 2.1.4 |
||
expressionengine expressionengine 3.5.0 |
||
expressionengine expressionengine 3.4.6 |
||
expressionengine expressionengine 3.4.1 |
||
expressionengine expressionengine 3.3.4 |
||
expressionengine expressionengine 3.3.2 |
||
expressionengine expressionengine 3.1.4 |
||
expressionengine expressionengine 3.1.2 |
||
expressionengine expressionengine 3.0.2 |
||
expressionengine expressionengine 3.0.0 |
||
expressionengine expressionengine 2.11.1 |
||
expressionengine expressionengine 2.10.3 |
||
expressionengine expressionengine 2.9.2 |
||
expressionengine expressionengine 2.9.0 |
||
expressionengine expressionengine 2.6.1 |
||
expressionengine expressionengine 2.5.5 |
||
expressionengine expressionengine 2.3.1 |
||
expressionengine expressionengine 2.2.2 |
||
expressionengine expressionengine 2.1.3 |
||
expressionengine expressionengine 2.1.1 |