CyberSec.Space Logo
返回 CVE 浏览器

CVE-2005-3764

CRITICAL
10.0
CVSS Severity Score
EPSS Score0.1880%
EPSS Percentile1.80th
Published2005年11月22日
Last Modified2026年4月16日

Vulnerability Description

The image gallery (imagegallery) component in Exponent CMS 0.96.3 and later versions does not properly check the MIME type of uploaded files, with unknown impact from the preview icon, possibly involving injection of HTML.

Affected Platforms (CPE)

📦
Exponent

Exponent

= 0.94
📦
Exponent

Exponent

= 0.95
📦
Exponent

Exponent

= 0.96.1
📦
Exponent

Exponent

= 0.96.3
📦
Exponent

Exponent

= 0.96.4

References & Advisories

🔗 http://secunia.com/advisories/17655
🔗 http://www.securityfocus.com/archive/1/417218
🔗 http://secunia.com/advisories/17655
🔗 http://www.securityfocus.com/archive/1/417218

相关漏洞威胁

CVE-2006-160410.0

Unspecified vulnerability in Exponent CMS before 0.96.5 RC 1 has unknown impact and remote attack vectors related to variables tha...

CVE-2011-41219.8

The OpenSSL extension of Ruby (Git trunk) versions after 2011-09-01 up to 2011-11-03 always generated an exponent value of '1' to ...

CVE-2021-337979.8

Buffer-overflow in jsdtoa.c in Artifex MuJS in versions 1.0.1 to 1.1.1. An integer overflow happens when js_strtod() reads in floa...

CVE-2016-94819.8

In framework/modules/core/controllers/expCommentController.php of Exponent CMS 2.4.0, content_id input is passed into showComments...