Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
auracms auracms vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2008-0735
SQL injection vulnerability in mod/gallery/ajax/gallery_data.php in AuraCMS 2.2 allows remote malicious users to execute arbitrary SQL commands via the albums parameter.
Auracms Auracms 2.2
1 EDB exploit
7.5
CVSSv2
CVE-2010-4774
SQL injection vulnerability in pdf.php in AuraCMS 1.62 allows remote malicious users to execute arbitrary SQL commands via the id parameter, a different vector than CVE-2007-4804 and CVE-2007-4171.
Auracms Auracms 1.62
1 EDB exploit
7.5
CVSSv2
CVE-2008-3203
js/pages/pages_data.php in AuraCMS 2.2 up to and including 2.2.2 does not perform authentication, which allows remote malicious users to add, edit, and delete web content via a modified id parameter.
Auracms Auracms 2.2.2
Auracms Auracms 2.2.1
Auracms Auracms 2.2
1 EDB exploit
7.5
CVSSv2
CVE-2008-0811
Multiple SQL injection vulnerabilities in AuraCMS 1.62 allow remote malicious users to execute arbitrary SQL commands via (1) the kid parameter to (a) mod/dl.php or (b) mod/links.php, and (2) the query parameter to search.php.
Auracms Auracms 1.62
1 EDB exploit
7.5
CVSSv2
CVE-2008-0390
stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows remote malicious users to inject arbitrary PHP code into online.db.txt via the X-Forwarded-For HTTP header in a stat action to index.php, and execute online.db.txt via a certain request to index.php.
Auracms Mod Block Statistik
Auracms Auracms 1.62
1 EDB exploit
7.5
CVSSv2
CVE-2007-4905
Unrestricted file upload vulnerability in mod/contak.php in AuraCMS 2.1 allows remote malicious users to upload and execute arbitrary PHP files via the image parameter, which places a file under files/.
Auracms Auracms 2.1
1 EDB exploit
7.5
CVSSv2
CVE-2007-4908
Directory traversal vulnerability in index.php in AuraCMS 2.1 and previous versions allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the pilih parameter.
Auracms Auracms 1.5 Rc
Auracms Auracms 1.5
Auracms Auracms 1.0
Auracms Auracms 2.0
Auracms Auracms 2.1
Auracms Auracms 1.62
1 EDB exploit
7.5
CVSSv2
CVE-2007-4804
Multiple SQL injection vulnerabilities in AuraCMS 1.5rc allow remote malicious users to execute arbitrary SQL commands via the id parameter in (1) hal.php, (2) cetak.php, (3) lihat.php, (4) pesan.php, and (5) teman.php, different vectors than CVE-2007-4171. NOTE: the scripts may ...
Auracms Auracms 1.5 Rc
1 EDB exploit
7.5
CVSSv2
CVE-2007-4171
SQL injection vulnerability in komentar.php in the Forum Module for auraCMS (Modul Forum Sederhana) allows remote malicious users to execute arbitrary SQL commands via the id parameter to the default URI. NOTE: some of these details are obtained from third party information.
Auracms Modul Forum Sederhana
1 EDB exploit
7.5
CVSSv2
CVE-2006-3559
Multiple SQL injection vulnerabilities in Arif Supriyanto auraCMS 1.62 allow remote malicious users to execute arbitrary SQL commands and delete all shoutbox messages via the (1) name and (2) pesan parameters.
Arif Supriyanto Auracms 1.62
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »