CyberSec.Space Logo
Back to CVE Browser

CVE-2005-3764

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1880%
EPSS Percentile1.80th
PublishedNov 22, 2005
Last ModifiedApr 16, 2026

Vulnerability Description

The image gallery (imagegallery) component in Exponent CMS 0.96.3 and later versions does not properly check the MIME type of uploaded files, with unknown impact from the preview icon, possibly involving injection of HTML.

Affected Platforms (CPE)

πŸ“¦
Exponent

Exponent

= 0.94
πŸ“¦
Exponent

Exponent

= 0.95
πŸ“¦
Exponent

Exponent

= 0.96.1
πŸ“¦
Exponent

Exponent

= 0.96.3
πŸ“¦
Exponent

Exponent

= 0.96.4

References & Advisories

πŸ”— http://secunia.com/advisories/17655
πŸ”— http://www.securityfocus.com/archive/1/417218
πŸ”— http://secunia.com/advisories/17655
πŸ”— http://www.securityfocus.com/archive/1/417218

Related Vulnerabilities

CVE-2006-160410.0

Unspecified vulnerability in Exponent CMS before 0.96.5 RC 1 has unknown impact and remote attack vectors related to variables tha...

CVE-2011-41219.8

The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to ...

CVE-2021-337979.8

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floa...

CVE-2016-94819.8

In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id input is passed into showComments...