CVE-2005-3762 | Vulnerability Database | Aqua Security

SQL injection vulnerability in the navigation module (navigationmodule) in Exponent CMS 0.96.3 and later versions allows remote attackers to execute arbitrary SQL commands via the parent parameter.

Affected Software

Name	Vendor	Start Version	End Version
Exponent	Exponent	0.94 (including)	0.94 (including)
Exponent	Exponent	0.95 (including)	0.95 (including)
Exponent	Exponent	0.96.1 (including)	0.96.1 (including)
Exponent	Exponent	0.96.3 (including)	0.96.3 (including)
Exponent	Exponent	0.96.4 (including)	0.96.4 (including)

References

http://secunia.com/advisories/17505
http://secunia.com/advisories/17655
http://www.osvdb.org/21023
http://www.securityfocus.com/archive/1/417218
http://www.securityfocus.com/bid/15389
https://exchange.xforce.ibmcloud.com/vulnerabilities/23109
http://secunia.com/advisories/17505
http://secunia.com/advisories/17655
http://www.osvdb.org/21023
http://www.securityfocus.com/archive/1/417218
http://www.securityfocus.com/bid/15389
https://exchange.xforce.ibmcloud.com/vulnerabilities/23109

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3762
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html