Aerocms Security Vulnerabilities and Issues — Aerocms CVE List

Lucene search

Aerocms ProjectAerocms

4 matches found

CVE•added 2022/04/08 9:15 a.m.•80 views

CVE-2022-27063

AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability via view_all_comments.php. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Comments text field.

6.1CVSS5.9AI score0.00664EPSS

CVE•added 2022/12/13 3:15 p.m.•49 views

CVE-2022-46059

AeroCMS v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).

6.5CVSS6.4AI score0.00148EPSS

CVE•added 2022/12/13 2:15 p.m.•47 views

CVE-2022-46061

AeroCMS v0.0.1 is vulnerable to ClickJacking.

6.1CVSS6.2AI score0.00106EPSS

CVE•added 2022/08/31 6:15 p.m.•29 views

CVE-2022-38812

AeroCMS 0.1.1 is vulnerable to SQL Injection via the author parameter.

6.5CVSS6.9AI score0.00073EPSS