AeroCMS 0.1.1 - SQL Injection

AeroCMS 0.1.1 contains a SQL injection caused by unsanitized author parameter, letting attackers execute arbitrary SQL commands, exploit requires crafted author input. id: CVE-2022-38812 info: name: AeroCMS 0.1.1 - SQL Injection author: shivampand3y severity: medium description: | AeroCMS 0.1.1...

EUVD-2022-55969

Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=addpost parameter, a...

CVE-2022-50944

Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=addpost parameter, a...

CVE-2022-50944

Aero CMS 0.0.1 is affected by a PHP code injection vulnerability. Authenticated attackers can upload PHP files via the image parameter to the admin posts.php endpoint with source=add_post, leading to server-side code execution. The vulnerability exposes high impact on confidentiality, integrity, ...

CVE-2022-50944 Aero CMS 0.0.1 PHP Code Injection via posts.php

Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=addpost parameter, a...

CVE-2022-50944

Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=addpost parameter, a...

Aero CMS 代码注入漏洞

Aero CMS is a content management system developed by the American company Aero CMS. Version 0.0.1 of Aero CMS has a code injection vulnerability. This vulnerability stems from PHP code injection in the image parameter, which may allow authenticated attackers to execute arbitrary PHP code by...

@100x/application (>=0.0.1 <=0.0.6), @aero-js/cli (=0.4.0) +32 more potentially affected by CVE-2026-44372 via nitro (>=1.14.9 <=3.0.260415-beta)

nitro NPM version =1.14.9, =0.0.1, =0.3.3, =0.3.3, =0.3.3, =0.3.3, =0.3.3, =0.1.0, =0.1.0, =0.4.2, =2.4.0-alpha.2, =2.4.0-alpha.2, =3.0.0-alpha.53 and more Source cves: CVE-2026-44372 Source advisory: OSV:GHSA-9PHM-9P8F-HW5M...

@aero-js/config (>=0.3.3 <=0.3.5), @aero-js/core (>=0.3.3 <=0.3.5) +57 more potentially affected by CVE-2026-33732 via srvx (>=0.10.1 <=0.11.12)

srvx NPM version =0.10.1, =0.3.3, =0.3.3, =0.3.3, =0.3.3, =0.3.3, =0.1.0, =0.1.0, =2.4.0-alpha.2, =2.4.0-alpha.2, =0.1.2, =0.0.1-alpha.0, =0.7.14, =0.2.0, =3.32.0, =3.33.0 and more Source cves: CVE-2026-33732 Source advisory: OSV:GHSA-P36Q-Q72M-GCHR...

CVE-2022-50895

Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the...

CVE-2022-50895

Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the...

CVE-2022-50895

Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the...

CVE-2022-50895

CVE-2022-50895 affects Aero CMS 0.0.1 with a SQL injection in the author parameter. The vulnerability can be exploited via boolean-based, error-based, time-based, and UNION-based queries to extract sensitive data and potentially compromise the system. Affected component: the author parameter in A...

CVE-2022-50895 Aero CMS 0.0.1 - SQL Injection

Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the...

CVE-2022-50895 Aero CMS 0.0.1 - SQL Injection

Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the...

Aero CMS SQL注入漏洞

Aero CMS is a content management system from Aero CMS, Inc. in the United States. A SQL injection vulnerability exists in Aero CMS version 0.0.1, which stems from a SQL injection vulnerability in the author parameter that could lead to the extraction of sensitive database information...

PT-2026-2371

Name of the Vulnerable Software and Affected Versions Aero CMS version 0.0.1 Description Aero CMS version 0.0.1 has a SQL injection issue in the author parameter. This allows manipulation of database queries using boolean-based, error-based, time-based, and UNION query techniques. Successful...

EUVD-2024-45399

Malicious code in bioql PyPI...

EUVD-2024-28196

Malicious code in bioql PyPI...

CVE-2024-51561

This vulnerability exists in Aero due to improper implementation of OTP validation mechanism in certain API endpoints. An authenticated remote attacker could exploit this vulnerability by intercepting and manipulating the responses exchanged during the second factor authentication process...