SQL Injection Vulnerability in Exponent CMS v2.4.0 or Older
CVE-2016-9288 · HIGH Severity
CVSS v2 vector: AV:N/AC:L/AU:N/C:P/I:P/A:P
In framework/modules/navigation/controllers/navigationController.php in Exponent CMS v2.4.0 or older, the "target" parameter of the "DragnDropReRank" function is used directly, without any filtering, which results in SQL injection. The payload can be used like this: /navigation/DragnDropReRank/target/1.