2 matches found
CVE-2022-38305
AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the component /admin/profile.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-38305
AeroCMS v0.0.1 is affected by an arbitrary file upload vulnerability in the /admin/profile.php component. The underlying issue allows an attacker to upload a crafted PHP file, enabling arbitrary code execution on the server. CVSS 3.1 base score 8.8 (HIGH) with network attack vector, low attack co...