Exponent : Security Vulnerabilities, CVEs, Published In 2007
Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtain path information via a direct request for (1) sdk/blanks/formcontrol.php and (2) sdk/blanks/file_modules.php.
Max CVSS
5.0
EPSS Score
0.71%
Published
2007-04-25
Updated
2017-07-29
Directory traversal vulnerability in iconspopup.php in Exponent CMS 0.96.6 Alpha and earlier allows remote attackers to obtain sensitive information via a .. (dot dot) in the icodir parameter.
Max CVSS
5.0
EPSS Score
1.25%
Published
2007-04-25
Updated
2017-07-29
2 vulnerabilities found