
aerocms project aerocms

20 known vulnerabilities across versions
Vulnerabilities are listed by affected version.
CVE-2022-50895
all versions
Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries
9.8 CRITICAL
CVE-2023-29847
all versions
AeroCMS v0.0.1 was discovered to contain multiple stored cross-site scripting (XSS) vulnerabilities via the comment_author and com
5.4 MEDIUM
CVE-2022-46137
all versions
AeroCMS v0.0.1 is vulnerable to Directory Traversal. The impact is: obtain sensitive information (remote). The component is: AeroC
7.5 HIGH
CVE-2022-46135
all versions
In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=edit_post , through which we can upl
7.2 HIGH
CVE-2022-46051
all versions
The approve parameter from the AeroCMS-v0.0.1 CMS system is vulnerable to SQL injection attacks.
7.2 HIGH
CVE-2022-46059
all versions
AeroCMS v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).
6.5 MEDIUM
CVE-2022-46061
all versions
AeroCMS v0.0.1 is vulnerable to ClickJacking.
6.1 MEDIUM
CVE-2022-46058
all versions
AeroCMS v0.0.1 was discovered to contain a cross-site scripting (XSS) vulnerability via add_post.php. This vulnerability allows at
4.8 MEDIUM
CVE-2022-46047
all versions
AeroCMS v0.0.1 is vulnerable to SQL Injection via the delete parameter.
4.9 MEDIUM
CVE-2022-45329
all versions
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Search parameter. This vulnerability allows attacke
7.5 HIGH
CVE-2022-45536
all versions
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the id parameter at \admin\post_comments.php. This vuln
4.9 MEDIUM
CVE-2022-45535
all versions
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the edit parameter at \admin\categories.php. This vulne
4.9 MEDIUM
CVE-2022-45529
all versions
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the post_category_id parameter at \admin\includes\edit_
4.9 MEDIUM
CVE-2022-45331
all versions
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the p_id parameter at \post.php. This vulnerability all
7.5 HIGH
CVE-2022-45330
all versions
AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Category parameter at \category.php. This vulnerabi
7.5 HIGH
CVE-2022-38305
all versions
AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the component /admin/profile.php. This vulnera
8.8 HIGH
CVE-2022-38812
all versions
AeroCMS 0.1.1 is vulnerable to SQL Injection via the author parameter.
6.5 MEDIUM
CVE-2022-27063
all versions
AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability via view_all_comments.php. This vulnera
6.1 MEDIUM
CVE-2022-27062
all versions
AeroCMS v0.0.1 was discovered to contain a stored cross-site scripting (XSS) vulnerability via add_post.php. This vulnerability al
4.8 MEDIUM
CVE-2022-27061
all versions
AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the Post Image function under the Admin panel.
7.2 HIGH
threatengine.sh