07 Nov 2016
CVE-2016-9242 Vulnerability
Multiple SQL injection vulnerabilities in the update method in framework/modules/core/controllers/expRatingController.php in Exponent CMS 2.4.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) content_type or (2) subtype parameter. (CVSS:6.5) (Last Update:2016-11-07)
Vulnerability Details : Multiple SQL injection vulnerabilities in the update method in framework/modules/core/controllers/expRatingController.php in Exponent CMS 2.4.0 allow remote authenticated users to execute arbitrary SQL commands via the (1) content_type or (2) subtype parameter. Publish Date : 2016-11-07 Last Update Date : 2016-11-07 - CVSS Scores & Vulnerability Types
- Products Affected By CVE-2016-9242
- Number Of Affected Versions By Product
- References For CVE-2016-9242
| |||||||||||||||||||||||||||||||||||||||||||||||||||
- Metasploit Modules Related To CVE-2016-9242There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information) |