exponentcms/exponent-cms vulnerabilities

Direct Vulnerabilities

Known vulnerabilities in the https://github.com/exponentcms/exponent-cms package. This does not include vulnerabilities belonging to this package’s dependencies.

| Severity | Vulnerability | Vulnerable Version |
|---|---|---|
| H | SQL Injection | [,2.7.0) |
| C | SQL Injection | [,2.4.0) |
| C | SQL Injection | [,2.3.9] |
| H | Information Exposure | [,2.3.9] |
| C | Arbitrary Code Injection | [,2.3.9] |
| C | SQL Injection | [,2.4.0) |
| M | Cross-site Scripting (XSS) | [,2.2.0) |
| C | SQL Injection | [,2.4.0) |
| C | SQL Injection | [,2.4.1] |
| H | Improper Access Control | [,2.4.0] |
| M | Information Exposure | [,2.4.0] |
| H | Information Exposure | [,2.4.0] |
| H | Access Restriction Bypass | [,2.4.2) |
| C | Arbitrary File Upload | [2.3.0,2.4.0) |
| C | SQL Injection | [,2.4.0) |
| C | Arbitrary Code Injection | [,2.3.9] |
| M | Cross-site Scripting (XSS) | [,2.3.0] |
| C | SQL Injection | [,2.4.0) |
| C | SQL Injection | [,2.4.0] |
| M | Information Exposure | [,2.4.0] |
| C | Improper Input Validation | [,2.6.0) |
| C | SQL Injection | [,2.4.1) |
| C | Arbitrary File Upload | [,2.3.9) |
| C | SQL Injection | [,2.4.0) |
| C | SQL Injection | [,2.4.0) |
| C | Improper Input Validation | [,2.6.0) |
| C | SQL Injection | [,2.4.0) |
| M | Cross-site Scripting (XSS) | [,2.3.2] |
| C | SQL Injection | [,2.3.9] |
| C | Improper Input Validation | [,2.6.0) |
| H | SQL Injection | [,2.4.0] |
| C | SQL Injection | [,2.4.0) |
| M | Cross-site Scripting (XSS) | [,2.3.6) |
| H | Information Exposure | [,2.3.9] |
| C | Improper Input Validation | [,2.3.9] |
| H | Directory Traversal | [,2.2.1) |
| C | Improper Input Validation | [,2.6.0) |
| C | Improper Input Validation | [,2.3.9] |
| C | SQL Injection | [,2.4.0) |
| C | SQL Injection | [,2.4.0) |
| H | SQL Injection | [,2.2.1) |
| C | SQL Injection | [,2.4.0) |
| M | Cross-site Scripting (XSS) | [,2.3.6) |
| C | Improper Input Validation | [,2.6.0) |
| M | Information Exposure | [,2.4.0] |
| C | SQL Injection | [,2.4.1) |
| H | Information Exposure | [,2.4.0] |
| H | SQL Injection | [,2.4.0] |
| C | Improper Access Control | [,2.3.9] |
| C | SQL Injection | [,2.4.2) |
| H | Arbitrary File Upload | [,2.4.0) |
| H | SQL Injection | [,2.4.0] |
| C | Remote Code Execution (RCE) | [,2.3.7) |