mirror of
https://github.com/0xMarcio/cve.git
synced 2025-05-28 09:12:08 +00:00
803 B
803 B
CVE-2016-7784
Description
SQL injection vulnerability in the getSection function in framework/core/subsystems/expRouter.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the section parameter.
POC
Reference
- http://packetstormsecurity.com/files/139484/Exponent-CMS-2.3.9-SQL-Injection.html
- http://packetstormsecurity.com/files/139484/Exponent-CMS-2.3.9-SQL-Injection.html
Github
No PoCs found on GitHub currently.