11 Nov 2016
CVE-2016-9286 Vulnerability
framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0patch1 does not properly restrict access to user records, which allows remote attackers to read address information, as demonstrated by an address/show/id/1 URI. (CVSS:5.0) (Last Update:2016-11-14)
Vulnerability Details : framework/modules/users/controllers/usersController.php in Exponent CMS v2.4.0patch2 does not properly restrict access to user records, which allows remote attackers to read address information, as demonstrated by an address/show/id/1 URI. Publish Date : 2016-11-11 Last Update Date : 2016-11-14 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2016-9286
- Number Of Affected Versions By Product
- References For CVE-2016-9286
| |||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2016-9286There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |