| Max CVSS | 7.5 | Min CVSS | 7.5 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2016-7789 | 7.5 |
SQL injection vulnerability in framework/core/models/expConfig.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the apikey parameter.
|
01-04-2017 - 01:59 | 07-03-2017 - 16:59 | |
| CVE-2016-9019 | 7.5 |
SQL injection vulnerability in the activate_address function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the is_what parameter.
|
01-04-2017 - 01:59 | 07-03-2017 - 16:59 |