Auracms Security Vulnerabilities and Issues — Auracms CVE List

Lucene search

Arif SupriyantoAuracms

4 matches found

CVE•added 2006/07/13 12:5 a.m.•41 views

CVE-2006-3558

Multiple cross-site scripting (XSS) vulnerabilities in Arif Supriyanto auraCMS 1.62 allow remote attackers to inject arbitrary web script or HTML via (1) the judul_artikel parameter in teman.php and (2) the title of an article sent to admin, which is displayed when unauthenticated users visit index...

4.3CVSS6.1AI score0.00697EPSS

CVE•added 2006/07/13 12:5 a.m.•36 views

CVE-2006-3559

Multiple SQL injection vulnerabilities in Arif Supriyanto auraCMS 1.62 allow remote attackers to execute arbitrary SQL commands and delete all shoutbox messages via the (1) name and (2) pesan parameters.

7.5CVSS8.9AI score0.00851EPSS

CVE•added 2005/05/02 4:0 a.m.•35 views

CVE-2005-0656

Multiple cross-site scripting (XSS) vulnerabilities in auraCMS 1.5 allow remote attackers to inject arbitrary web script or HTML via the (1) hits parameter to hits.php, (2) query parameter to index.php, or (3) theCount parameter to counter.php.

4.3CVSS6AI score0.00409EPSS

CVE•added 2005/05/02 4:0 a.m.•31 views

CVE-2005-0655

auraCMS 1.5 allows remote attackers to obtain sensitive information via an HTTP request with an invalid id parameter to (1) teman.php, (2) hal.php, or (3) arsip.php, which reveals the path in a PHP error message.

5CVSS6.7AI score0.00462EPSS