Exponentcms
1 CVEs
product
Monthly
A HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponent_constants.php. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
Information Disclosure
Exponentcms
NVD
GitHub
CVSS 3.1
4.3
EPSS
2.5%
EPSS 2%
CVSS 4.3
MEDIUM
POC
This Month
A HTTP Host header attack exists in ExponentCMS 2.6 and below in /exponent_constants.php. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Public exploit code available and no vendor patch available.
PHP
Information Disclosure
Exponentcms
NVD
GitHub