CVE-2016-7443

Exponent CMS 2.3.0 through 2.3.9 allows remote attackers to have unspecified impact via vectors related to "uploading files to wrong location."

Date published : 2018-03-06

http://www.exponentcms.org/news/patch-1-released-for-v2-3-9

https://github.com/exponentcms/exponent-cms/releases/tag/v2.4.0