CVE-2010-5002
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2010-5002
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
Cross-site scripting (XSS) vulnerability in modules/slideshowmodule/slideshow.js.php in Exponent CMS 0.97.0 allows remote attackers to inject arbitrary web script or HTML via the u parameter.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
Exponent CMS ‘modules/slideshowmodule/slideshow.js.php’ 跨站脚本攻击漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
OIC Exponent CMS是美国OIC集团公司的一套基于PHP的免费、开源的模块化内容管理系统(CMS)。该系统支持在页面中直接进行编辑,并提供用户管理、网站配置、内容编辑等功能。 Exponent CMS 0.97.0版本的modules/slideshowmodule/slideshow.js.php中存在跨站脚本攻击 (XSS)漏洞。远程攻击者可借助u参数注入任意web脚本或HTML。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2010-5002
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2010-5002
请登录查看更多情报信息。
- http://packetstormsecurity.org/1007-exploits/exponentcms-xss.txtx_refsource_MISC
- https://nvd.nist.gov/vuln/detail/CVE-2010-5002
Same Patch Batch · n/a · 2011-11-01 · 45 CVEs total
| CVE-2011-1915 | Enspire eClient 未明SQL注入漏洞 | |
| CVE-2011-4215 | OneOrZero Action和AIMS ‘cookieName’变量SQL注入漏洞 | |
| CVE-2011-4214 | OneOrZero Action和AIMS 安全认证绕过漏洞 | |
| CVE-2011-4216 | Investintech.com SlimPDF Reader 拒绝服务漏洞 | |
| CVE-2011-4219 | Investintech SlimPDF Reader 资源管理错误漏洞 | |
| CVE-2011-4220 | Investintech.com SlimPDF Reader 拒绝服务漏洞 | |
| CVE-2011-4221 | Investintech.com Able2Extract和Able2Extract Server 拒绝服务漏洞 | |
| CVE-2011-4222 | Investintech.com Able2Extract和Able2Extract Server 拒绝服务漏洞 | |
| CVE-2011-4223 | Investintech.com Absolute PDF Server 拒绝服务漏洞 | |
| CVE-2011-4218 | Investintech SlimPDF Reader 资源管理错误漏洞 | |
| CVE-2011-4064 | phpMyAdmin 跨站脚本攻击漏洞 | |
| CVE-2011-0941 | Cisco Unified Communications Manager 内存泄露漏洞 | |
| CVE-2010-5003 | Joomla! AutarTimonial 组件SQL注入漏洞 | |
| CVE-2010-5001 | esoftpro Online Contact Manager ‘view.php’ SQL注入漏洞 | |
| CVE-2010-4999 | esoftpro Online Photo Pro ‘index.php’ SQL注入漏洞 | |
| CVE-2010-4996 | esoftpro Online Guestbook Pro ‘ogp_show.php’ SQL注入漏洞 | |
| CVE-2010-4995 | Joomla! NeoRecrui组件SQL注入漏洞 | |
| CVE-2010-4994 | Joomla! Jobs Pro组件SQL注入漏洞 | |
| CVE-2010-4993 | Joomla! eventcal组件SQL注入漏洞 | |
| CVE-2010-4992 | Joomla! Payments Plus组件SQL注入漏洞 |
Showing top 20 of 45 CVEs. View all on vendor page → →
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8276
bettercap MySQL Server mysql_server.go integer coercion - CVE-2026-8275
bettercap zerogod IPP Service zerogod_ipp_primitives.go ippR - CVE-2026-8270
Open5GS SMF ogs_nas_parse_qos_rules denial of service - CVE-2026-8269
Open5GS SMF smf_nsmf_handle_create_sm_context denial of serv - CVE-2026-8268
Open5GS SMF OpenAPI_list_create denial of service
V. Comments for CVE-2010-5002
No comments yet