mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-27 00:50:19 +01:00
759 B
759 B
CVE-2016-9019
Description
SQL injection vulnerability in the activate_address function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the is_what parameter.
POC
Reference
Github
No PoCs found on GitHub currently.