Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aerocms vulnerabilities and exploits
(subscribe to this query)
4.9
CVSSv3
CVE-2022-45535
AeroCMS v0.0.1 exists to contain a SQL Injection vulnerability via the edit parameter at \admin\categories.php. This vulnerability allows malicious users to access database information.
Aerocms Project Aerocms 0.0.1
4.9
CVSSv3
CVE-2022-45536
AeroCMS v0.0.1 exists to contain a SQL Injection vulnerability via the id parameter at \admin\post_comments.php. This vulnerability allows malicious users to access database information.
Aerocms Project Aerocms 0.0.1
5.4
CVSSv3
CVE-2023-29847
AeroCMS v0.0.1 exists to contain multiple stored cross-site scripting (XSS) vulnerabilities via the comment_author and comment_content parameters at /post.php. These vulnerabilities allow malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Aerocms Project Aerocms 0.0.1
4.8
CVSSv3
CVE-2022-27062
AeroCMS v0.0.1 exists to contain a stored cross-site scripting (XSS) vulnerability via add_post.php. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field.
Aerocms Project Aerocms 0.0.1
4.9
CVSSv3
CVE-2022-46047
AeroCMS v0.0.1 is vulnerable to SQL Injection via the delete parameter.
Aerocms Project Aerocms 0.0.1
7.5
CVSSv3
CVE-2022-45329
AeroCMS v0.0.1 exists to contain a SQL Injection vulnerability via the Search parameter. This vulnerability allows malicious users to access database information.
Aerocms Project Aerocms 0.0.1
7.5
CVSSv3
CVE-2022-45330
AeroCMS v0.0.1 exists to contain a SQL Injection vulnerability via the Category parameter at \category.php. This vulnerability allows malicious users to access database information.
Aerocms Project Aerocms 0.0.1
7.5
CVSSv3
CVE-2022-45331
AeroCMS v0.0.1 exists to contain a SQL Injection vulnerability via the p_id parameter at \post.php. This vulnerability allows malicious users to access database information.
Aerocms Project Aerocms 0.0.1
6.5
CVSSv3
CVE-2022-38812
AeroCMS 0.1.1 is vulnerable to SQL Injection via the author parameter.
Aerocms Project Aerocms 0.1.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028
CVE-2024-32406
CVE-2024-25624
IMAP
CVE-2024-2310
CVE-2024-0874
CVE-2024-20359
XXE
remote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2