Closed pang0lin closed 3 years ago
I found an unauthticate sql injection for ExponentCMS v2.6.0 (the latest version at this time), for more details. https://github.com/pang0lin/CVEproject/blob/main/ExponentCMS_v2.6.0_sqli.md
I have a fix, have you opened a CVE report?
Not yet, it is in processing
Fix Commit 34dd490453e64ecd5615ba23496275c2ad3f5d0d
I found an unauthticate sql injection for ExponentCMS v2.6.0 (the latest version at this time), for more details. https://github.com/pang0lin/CVEproject/blob/main/ExponentCMS_v2.6.0_sqli.md