2 matches found
CVE-2022-27061
AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the Post Image function under the Admin panel. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-27061
CVE-2022-27061 relates to AeroCMS v0.0.1, where an arbitrary file upload vulnerability exists in the Admin panel’s Post Image function. The root cause is unsafeguarded handling of uploaded PHP files, enabling an attacker to upload a crafted PHP payload and achieve arbitrary code execution. Public...