Blind SQL Injection in Exponent CMS <= v2.3.9

Posted by Manuel Garcia Cardenas on Sep 20

=============================================
MGC ALERT 2016-005
– Original release date: September 09, 2016
– Last revised: September 20, 2016
– Discovered by: Manuel García Cárdenas
– Severity: 7,1/10 (CVSS Base Score)
– CVE-ID: CVE-2016-7400
=============================================

I. VULNERABILITY
————————-
Blind SQL Injection in Exponent CMS <= v2.3.9

II. BACKGROUND
————————-
Exponent CMS is a…

Leave a Reply