CVE-2016-7443

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2016-7443

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7443.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2016-7443

Published

2018-03-07T02:29:00.393Z

Modified

2026-03-14T09:23:18.536967Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location."

References

Affected packages

Git / github.com/exponentcms/exponent-cms

Affected ranges

Type

GIT

Repo

https://github.com/exponentcms/exponent-cms

Events

Introduced

a86aee920364338bb3e9c72814bdb8abd61390e6

Last affected

e4f3d5129dac15d1d634008f504055e2cf062c65

Fixed

505873d889f211501451036c40e3f4629e4d0647

Database specific

{
    "versions": [
        {
            "introduced": "2.3.0"
        },
        {
            "last_affected": "2.3.9"
        }
    ]
}

Affected versions

v2.*

v2.3.0

v2.3.0patch1

v2.3.0patch2

v2.3.0patch3

v2.3.0patch4

v2.3.1

v2.3.1patch4

v2.3.2

v2.3.2patch1

v2.3.2patch2

v2.3.3

v2.3.3patch1

v2.3.4

v2.3.4patch1

v2.3.5

v2.3.5patch1

v2.3.5patch2

v2.3.6

v2.3.7

v2.3.7patch1

v2.3.7patch2

v2.3.7patch3

v2.3.7patch4

v2.3.8

v2.3.8patch1

v2.3.8patch2

v2.3.8patch3

v2.3.8patch4

v2.3.8patch5

v2.3.8patch6

v2.3.9

v2.3.9patch1

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-7443.json"