Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
aerocms project vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-46051
The approve parameter from the AeroCMS-v0.0.1 CMS system is vulnerable to SQL injection attacks.
Aerocms Project Aerocms 0.0.1
NA
CVE-2022-46061
AeroCMS v0.0.1 is vulnerable to ClickJacking.
Aerocms Project Aerocms 0.0.1
NA
CVE-2022-38812
AeroCMS 0.1.1 is vulnerable to SQL Injection via the author parameter.
Aerocms Project Aerocms 0.1.1
NA
CVE-2023-29847
AeroCMS v0.0.1 exists to contain multiple stored cross-site scripting (XSS) vulnerabilities via the comment_author and comment_content parameters at /post.php. These vulnerabilities allow malicious users to execute arbitrary web scripts or HTML via a crafted payload.
Aerocms Project Aerocms 0.0.1
NA
CVE-2022-46047
AeroCMS v0.0.1 is vulnerable to SQL Injection via the delete parameter.
Aerocms Project Aerocms 0.0.1
NA
CVE-2022-46059
AeroCMS v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).
Aerocms Project Aerocms 0.0.1
NA
CVE-2022-46135
In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=edit_post , through which we can upload webshell and control the web server.
Aerocms Project Aerocms 0.0.1
NA
CVE-2022-38305
AeroCMS v0.0.1 exists to contain an arbitrary file upload vulnerability via the component /admin/profile.php. This vulnerability allows malicious users to execute arbitrary code via a crafted PHP file.
Aerocms Project Aerocms 0.0.1
NA
CVE-2022-45329
AeroCMS v0.0.1 exists to contain a SQL Injection vulnerability via the Search parameter. This vulnerability allows malicious users to access database information.
Aerocms Project Aerocms 0.0.1
3.5
CVSSv2
CVE-2022-27062
AeroCMS v0.0.1 exists to contain a stored cross-site scripting (XSS) vulnerability via add_post.php. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field.
Aerocms Project Aerocms 0.0.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30043
camera
CVE-2023-40404
CVE-2024-2793
client side
CVE-2024-4469
CVE-2024-3565
CVE-2024-29825
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »