| VID |
21796 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Exponent CMS is vulnerable to multiple vulnerabilities which exist in versions prior to 0.96.4. Exponent CMS is an open-source Web-based Content Management System (CMS) written in PHP. Exponent version 0.96.3 and earlier versions are vulnerable to multiple vulnerabilities, which can be exploited by a remote attacker to conduct SQL injection, cross-site scripting and script insertion attacks. In addition to these flaws, a remote, authenticated attacker can upload files with arbitrary PHP code through its image upload facility and then execute that code on the affected system in the security context of the Web server process.
* References:
http://sourceforge.net/tracker/index.php?func=detail&aid=1230208&group_id=118524&atid=681366
http://sourceforge.net/tracker/index.php?func=detail&aid=1230221&group_id=118524&atid=681366
http://sourceforge.net/tracker/index.php?func=detail&aid=1353361&group_id=118524&atid=681366
http://archives.neohapsis.com/archives/bugtraq/2005-11/0243.html
http://secunia.com/advisories/17505/
http://secunia.com/advisories/17655/
* Platforms Affected:
James Hunt and the OIC Group, Inc., Exponent CMS version 0.96.3 and earlier versions
Any operating system Any version |
| Recommendation |
Upgrade to the latest version of Exponent CMS (0.96.4 or later), available from the SourceForge.net Downloads Web site at http://sourceforge.net/project/showfiles.php?group_id=118524 |
| Related URL |
CVE-2005-3761,CVE-2005-3762,CVE-2005-3763,CVE-2005-3764,CVE-2005-3765,CVE-2005-3766,CVE-2005-3767 (CVE) |
| Related URL |
15389,15391 (SecurityFocus) |
| Related URL |
23154,23155,23156,23157,23158 (ISS) |
|
