Aerocms Security Vulnerabilities and Issues — Aerocms CVE List

Lucene search

Aerocms ProjectAerocms

6 matches found

CVE•added 2022/04/08 9:15 a.m.•78 views

CVE-2022-27062

AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability via add_post.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Post Title text field.

4.8CVSS5.2AI score0.00641EPSS

CVE•added 2022/12/13 2:15 p.m.•74 views

CVE-2022-46058

AeroCMS v0.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via add_post.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field.

4.8CVSS5AI score0.00127EPSS

CVE•added 2022/12/13 2:15 p.m.•49 views

CVE-2022-46047

AeroCMS v0.0.1 is vulnerable to SQL Injection via the delete parameter.

4.9CVSS5.7AI score0.00069EPSS

CVE•added 2022/11/22 9:15 p.m.•44 views

CVE-2022-45536

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the id parameter at \admin\post_comments.php. This vulnerability allows attackers to access database information.

4.9CVSS5.3AI score0.00235EPSS

CVE•added 2022/11/22 9:15 p.m.•42 views

CVE-2022-45529

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the post_category_id parameter at \admin\includes\edit_post.php. This vulnerability allows attackers to access database information.

4.9CVSS5.4AI score0.00069EPSS

CVE•added 2022/11/22 9:15 p.m.•39 views

CVE-2022-45535

AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the edit parameter at \admin\categories.php. This vulnerability allows attackers to access database information.

4.9CVSS5.4AI score0.00069EPSS