SQL Injection Vulnerability in Exponent CMS v2.4.0 or Older

SQL Injection Vulnerability in Exponent CMS v2.4.0 or Older

CVE-2016-9288 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the parameter "target" of function "DragnDropReRank" is directly used without any filtration which caused SQL injection. The payload can be used like this: /navigation/DragnDropReRank/target/1.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.