Lucene search
K

5 matches found

CVE
CVE
added 2014/02/11 5:0 p.m.57 views

CVE-2014-1401

AuraCMS 2.3 and earlier versions are affected by SQL injection vulnerabilities (CVE-2014-1401). The issues allow remote authenticated users to alter or execute arbitrary SQL via the search parameter in index.php or via several HTTP headers (CLIENT_IP, X_FORWARDED_FOR, X_FORWARDED, FORWARDED_FOR, ...

6.5CVSS8.2AI score0.02982EPSS
Exploits5References8Affected Software1
securityvulns
securityvulns
added 2014/02/11 12:0 a.m.72 views

Multiple SQL Injection Vulnerabilities in AuraCMS

Advisory ID: HTB23196 Product: AuraCMS Vendor: AuraCMS Vulnerable Versions: 2.3 and probably prior Tested Version: 2.3 Advisory Publication: January 8, 2014 without technical details Vendor Notification: January 8, 2014 Vendor Patch: January 30, 2014 Public Disclosure: February 5, 2014...

6.5CVSS0.02982EPSS
Exploits5
exploitpack
exploitpack
added 2014/02/07 12:0 a.m.86 views

AuraCMS 2.3 - Multiple Vulnerabilities

AuraCMS 2.3 - Multiple Vulnerabilities Advisory ID: HTB23196 Product: AuraCMS Vendor: AuraCMS Vulnerable Versions: 2.3 and probably prior Tested Version: 2.3 Advisory Publication: January 8, 2014 without technical details Vendor Notification: January 8, 2014 Vendor Patch: January 30, 2014 Public...

6.5CVSS0.4AI score0.02982EPSS
Exploits5
Exploit DB
Exploit DB
added 2014/02/07 12:0 a.m.54 views

AuraCMS 2.3 - Multiple Vulnerabilities

Advisory ID: HTB23196 Product: AuraCMS Vendor: AuraCMS Vulnerable Versions: 2.3 and probably prior Tested Version: 2.3 Advisory Publication: January 8, 2014 without technical details Vendor Notification: January 8, 2014 Vendor Patch: January 30, 2014 Public Disclosure: February 5, 2014...

6.5CVSS6.5AI score0.02982EPSS
Exploits5
Packet Storm
Packet Storm
added 2014/02/06 12:0 a.m.66 views

AuraCMS 2.3 SQL Injection

Advisory ID: HTB23196 Product: AuraCMS Vendor: AuraCMS Vulnerable Versions: 2.3 and probably prior Tested Version: 2.3 Advisory Publication: January 8, 2014 without technical details Vendor Notification: January 8, 2014 Vendor Patch: January 30, 2014 Public Disclosure: February 5, 2014...

6.5CVSS0.1AI score0.02982EPSS
Exploits5
Rows per page
Query Builder