2017-01-23 21:00:00
mitre
PUBLISHED
Exponent CMS 2.x before 2.3.7 Patch 3 allows remote attackers to execute arbitrary code via the sc parameter to install/index.php.