mirror of
https://github.com/0xMarcio/cve.git
synced 2026-03-31 01:51:16 +02:00
759 B
759 B
CVE-2016-9019
Description
SQL injection vulnerability in the activate_address function in framework/modules/addressbook/controllers/addressController.php in Exponent CMS 2.3.9 and earlier allows remote attackers to execute arbitrary SQL commands via the is_what parameter.
POC
Reference
Github
No PoCs found on GitHub currently.