CVE

Id
63241  
CVE No.
CVE-2013-3294  
Status
Candidate  
Description
Multiple SQL injection vulnerabilities in Exponent CMS before 2.2.0 release candidate 1 allow remote attackers to execute arbitrary SQL commands via the (1) src or (2) username parameter to index.php.  
Phase
Assigned (20130426)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
628772 63241 CVE-2013-3294 BUGTRAQ:20130515 Multiple Vulnerabilities in Exponent CMS  View
628773 63241 CVE-2013-3294 URL:http://seclists.org/bugtraq/2013/May/57  View
628774 63241 CVE-2013-3294 MISC:http://packetstormsecurity.com/files/121643/Exponent-CMS-2.2.0-Beta-3-LFI-SQL-Injection.html  View
628775 63241 CVE-2013-3294 MISC:https://www.htbridge.com/advisory/HTB23154  View
628776 63241 CVE-2013-3294 OSVDB:93447  View
628777 63241 CVE-2013-3294 URL:http://osvdb.org/93447  View
628778 63241 CVE-2013-3294 XF:exponentcms-cve20133294-index-sql-injection(84300)  View

Related JVN

Id JVN No. Title Summary CVE No. CVE Id CVSS_v2 CVSS_v3 JVN URL Actions
21655 JVNDB-2013-003230 RealNetworks RealPlayer におけるサービス運用妨害 (DoS) の脆弱性 RealNetworks RealPlayer には、サービス運用妨害 (リソース消費またはアプリケーションクラッシュ) 状態にされる脆弱性が存在します。 CVE-2013-3299 63241 4.3 http://jvndb.jvn.jp/ja/contents/2013/JVNDB-2013-003230.html  View