CVE-2016-7095 in CMSinfo

Summary

Exponent CMS before 2.3.9 is vulnerable to an attacker uploading a malicious script file using redirection to place the script in an unprotected folder, one allowing script execution.

Be aware that VulDB is the high quality source for vulnerability data.

Reservation

08/26/2016

Disclosure

11/03/2016

Moderation

VulDB entry created

Entries

VDB-93302 (1)

CPE

ready

CWE

CWE-434 (Confirmed)

CVSS

9.8

EPSS

0.01203

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-7095
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-7095
CVE Details	https://www.cvedetails.com/cve/CVE-2016-7095/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!