21 matches found
AeroCMS 0.1.1 - SQL Injection
AeroCMS 0.1.1 contains a SQL injection caused by an unsanitized author parameter, letting attackers execute arbitrary SQL commands; exploitation requires crafted author input. id: CVE-2022-38812 info: name: AeroCMS 0.1.1 - SQL Injection author: shivampand3y severity: medium description: | AeroCMS 0.1.1...
CVE-2022-50944
Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=addpost parameter, a...
CVE-2022-50944
Aero CMS 0.0.1 is affected by a PHP code injection vulnerability. Authenticated attackers can upload PHP files via the image parameter to the admin posts.php endpoint with source=add_post, leading to server-side code execution. The vulnerability exposes high impact on confidentiality, integrity, ...
CVE-2022-50944 Aero CMS 0.0.1 PHP Code Injection via posts.php
Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=addpost parameter, a...
CVE-2022-50944
Aero CMS 0.0.1 contains a PHP code injection vulnerability that allows authenticated attackers to execute arbitrary PHP code by uploading malicious files through the image parameter. Attackers can upload PHP files with embedded code to the admin posts.php endpoint with source=addpost parameter, a...
CVE-2022-50895
Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the...
CVE-2022-50895 Aero CMS 0.0.1 - SQL Injection
Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the...
CVE-2022-50895
CVE-2022-50895 affects Aero CMS 0.0.1 with a SQL injection in the author parameter. The vulnerability can be exploited via boolean-based, error-based, time-based, and UNION-based queries to extract sensitive data and potentially compromise the system. Affected component: the author parameter in A...
CVE-2022-50895 Aero CMS 0.0.1 - SQL Injection
Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the...
PT-2026-2371
Name of the Vulnerable Software and Affected Versions Aero CMS version 0.0.1 Description Aero CMS version 0.0.1 has a SQL injection issue in the author parameter. This allows manipulation of database queries using boolean-based, error-based, time-based, and UNION query techniques. Successful...
Aero CMS 0.0.1 Cross Site Request Forgery
Title: Aero CMS v0.0.1 CSRF Vulnerability | Author: indoushka | Tested on: windows 10 FrPro / browser: Mozilla firefox 128.0.3 64 bits | Vendor...
Aero CMS 0.0.1 SQL Injection
Exploit Title: Aero CMS v0.0.1 - SQL Injection no auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Tested on: Windows 10 using...
Aero CMS 0.0.1 Remote Shell Upload
Exploit Title: Aero CMS v0.0.1 - PHP Code Injection auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Tested on: Windows 10 using...
Aero CMS v0.0.1 - PHP Code Injection (auth)
Exploit Title: Aero CMS v0.0.1 - PHP Code Injection auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Tested on: Windows 10 using...
Aero CMS v0.0.1 - SQL Injection (no auth)
Exploit Title: Aero CMS v0.0.1 - SQL Injection no auth Date: 15/10/2022 Exploit Author: Hubert Wojciechowski Contact Author: [email protected] Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Tested on: Windows 10 using...
Aero CMS v0.0.1 - SQL Injection (no auth) Vulnerability
Exploit Title: Aero CMS v0.0.1 - SQL Injection no auth Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Tested on: Windows 10 using XAMPP, Apache/2.4.48 Win64...
Aero CMS v0.0.1 - PHP Code Injection (auth) Vulnerability
Exploit Title: Aero CMS v0.0.1 - PHP Code Injection auth Exploit Author: Hubert Wojciechowski Contact Author: email protected Vendor Homepage: https://github.com/MegaTKC/AeroCMS Software Link: https://github.com/MegaTKC/AeroCMS Version: 0.0.1 Tested on: Windows 10 using XAMPP, Apache/2.4.48 Win...
AeroCMS Cross-Site Scripting Vulnerability
AeroCMS is a content management system from the American company AeroCMS. AeroCMS version v0.0.1 contains a cross-site scripting (XSS) vulnerability via addpost.php, which allows an attacker to execute arbitrary web script or HTML via a crafted payload...
PT-2022-27568 · Aerocms · Aerocms
Name of the Vulnerable Software and Affected Versions: AeroCMS version 0.0.1 Description: The issue allows attackers to access database information through a SQL Injection vulnerability. This vulnerability is exploited via the post category id parameter at the "adminincludesedit post.php" endpoin...
Aero CMS v0.0.1 - SQLi
Title: Aero CMS v0.0.1 - SQLi Author: nu11secur1ty Date: 08.27.2022 Vendor: https://github.com/MegaTKC Software: https://github.com/MegaTKC/AeroCMS/releases/tag/v0.0.1 Reference: https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/MegaTKC/2021/AeroCMS-v0.0.1-SQLi Description: The...