dleffler
commented
3 years ago I have a fix, have you opened a CVE report?
Closed pang0lin closed 3 years ago
dleffler
commented
3 years ago I have a fix, have you opened a CVE report?
pang0lin
commented
3 years ago Not yet, it is in processing
dleffler
commented
3 years ago Fix Commit 34dd490453e64ecd5615ba23496275c2ad3f5d0d
I found an unauthticate sql injection for ExponentCMS v2.6.0 (the latest version at this time), for more details. https://github.com/pang0lin/CVEproject/blob/main/ExponentCMS_v2.6.0_sqli.md