5 matches found
CVE-2014-1401
AuraCMS 2.3 and earlier versions are affected by SQL injection vulnerabilities (CVE-2014-1401). The issues allow remote authenticated users to alter or execute arbitrary SQL via the search parameter in index.php or via several HTTP headers (CLIENT_IP, X_FORWARDED_FOR, X_FORWARDED, FORWARDED_FOR, ...
Multiple SQL Injection Vulnerabilities in AuraCMS
Advisory ID: HTB23196 Product: AuraCMS Vendor: AuraCMS Vulnerable Versions: 2.3 and probably prior Tested Version: 2.3 Advisory Publication: January 8, 2014 without technical details Vendor Notification: January 8, 2014 Vendor Patch: January 30, 2014 Public Disclosure: February 5, 2014...
AuraCMS 2.3 - Multiple Vulnerabilities
AuraCMS 2.3 - Multiple Vulnerabilities Advisory ID: HTB23196 Product: AuraCMS Vendor: AuraCMS Vulnerable Versions: 2.3 and probably prior Tested Version: 2.3 Advisory Publication: January 8, 2014 without technical details Vendor Notification: January 8, 2014 Vendor Patch: January 30, 2014 Public...
AuraCMS 2.3 - Multiple Vulnerabilities
Advisory ID: HTB23196 Product: AuraCMS Vendor: AuraCMS Vulnerable Versions: 2.3 and probably prior Tested Version: 2.3 Advisory Publication: January 8, 2014 without technical details Vendor Notification: January 8, 2014 Vendor Patch: January 30, 2014 Public Disclosure: February 5, 2014...
AuraCMS 2.3 SQL Injection
Advisory ID: HTB23196 Product: AuraCMS Vendor: AuraCMS Vulnerable Versions: 2.3 and probably prior Tested Version: 2.3 Advisory Publication: January 8, 2014 without technical details Vendor Notification: January 8, 2014 Vendor Patch: January 30, 2014 Public Disclosure: February 5, 2014...