CVE-2016-9025

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2016-9025

Import Source

https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9025.json

JSON Data

https://api.test.osv.dev/v1/vulns/CVE-2016-9025

Published

2020-12-31T03:15:12.373Z

Modified

2026-06-18T04:03:28.253617189Z

Severity

9.8 (Critical) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

Exponent CMS before 2.6.0 has improper input validation in purchaseOrderController.php.

References

Affected packages

Git / github.com/exponentcms/exponent-cms

Affected ranges

Type

GIT

Repo

https://github.com/exponentcms/exponent-cms

Events

Introduced

Fixed

6f21094f2ff194b442a604b5fd23dcebea8b8cc5

Fixed

a8efd9ca71fc9b8b843ad0910d435d237482ee31

Database specific

{
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "2.6.0"
        }
    ],
    "cpe": "cpe:2.3:a:exponentcms:exponent_cms:*:*:*:*:*:*:*:*",
    "source": [
        "CPE_RANGE",
        "REFERENCES"
    ]
}

Affected versions

Other

Beta1

beta1.*

beta1.1

v2.*

v2.0.0

v2.0.0.beta2

v2.0.0.beta2.1

v2.0.0.beta3

v2.0.0.beta4

v2.0.0.release-candidate1

v2.0.0.release-candidate2

v2.0.1

v2.0.1patch1

v2.0.2

v2.0.3

v2.0.9

v2.0.9patch1

v2.0.9patch2

v2.0.9patch3

v2.0.9patch4

v2.0.9patch5

v2.1.0

v2.1.1

v2.1.2

v2.1.3

v2.1.4

v2.2.0

v2.2.0patch1

v2.2.0patch2

v2.2.0patch3

v2.2.0patch4

v2.2.0patch5

v2.2.1

v2.2.2

v2.2.2patch1

v2.2.2patch2

v2.2.3

v2.2.3patch1

v2.2.3patch2

v2.2.3patch3

v2.2.3patch4

v2.3.0

v2.3.0patch1

v2.3.0patch2

v2.3.0patch3

v2.3.0patch4

v2.3.1

v2.3.1patch4

v2.3.2

v2.3.2patch1

v2.3.2patch2

v2.3.3

v2.3.3patch1

v2.3.4

v2.3.4patch1

v2.3.5

v2.3.5patch1

v2.3.5patch2

v2.3.6

v2.3.7

v2.3.7patch1

v2.3.7patch2

v2.3.7patch3

v2.3.7patch4

v2.3.8

v2.3.8patch1

v2.3.8patch2

v2.3.8patch3

v2.3.8patch4

v2.3.8patch5

v2.3.8patch6

v2.3.9

v2.3.9patch1

v2.4.0

v2.4.0patch1

v2.4.0patch2

v2.4.0patch3

v2.4.0patch4

v2.4.0patch5

v2.4.1

v2.4.1patch1

v2.4.1patch2

v2.4.1patch3

v2.4.1patch4

v2.4.1patch5

v2.4.1patch6

v2.4.2

v2.4.2patch1

v2.4.2patch2

v2.4.2patch3

v2.4.2patch4

v2.4.2patch5

v2.4.2patch6

v2.4.2patch7

v2.4.3

v2.4.3patch1

v2.5.0

v2.5.0patch1

v2.5.0patch2

v2.5.1

v2.5.1patch1

v2.5.1patch2

v2.5.1patch3

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2016-9025.json"