High severity7.5NVD Advisory· Published Nov 3, 2016· Updated Jun 17, 2026
CVE-2016-7452
CVE-2016-7452
Description
The Pixidou Image Editor in Exponent CMS prior to v2.3.9 patch 2 could be used to upload a malicious file to any folder on the site via a cpi directory traversal.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2cpe:2.3:a:exponentcms:exponent_cms:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:exponentcms:exponent_cms:*:*:*:*:*:*:*:*range: <=2.3.9
- (no CPE)range: <2.3.9 patch 2
Patches
Vulnerability mechanics
References
3- github.com/exponentcms/exponent-cms/commit/c1092f167cc6c78dc8bf9bf149946c5219413df3nvdIssue TrackingPatch
- www.securityfocus.com/bid/93045nvdThird Party AdvisoryVDB Entry
- github.com/exponentcms/exponent-cms/releases/tag/v2.4.0nvd
News mentions
0No linked articles in our index yet.