Vulnerabilities > Aerocms Project > Aerocms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-16 | CVE-2022-46135 | Unrestricted Upload of File with Dangerous Type vulnerability in Aerocms Project Aerocms 0.0.1 In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=edit_post , through which we can upload webshell and control the web server. | 7.2 |
| 2022-12-16 | CVE-2022-46137 | Path Traversal vulnerability in Aerocms Project Aerocms 0.0.1 AeroCMS v0.0.1 is vulnerable to Directory Traversal. | 7.5 |
| 2022-12-13 | CVE-2022-46051 | SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1 The approve parameter from the AeroCMS-v0.0.1 CMS system is vulnerable to SQL injection attacks. | 7.2 |
| 2022-11-29 | CVE-2022-45329 | SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1 AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Search parameter. | 7.5 |
| 2022-11-22 | CVE-2022-45330 | SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1 AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Category parameter at \category.php. | 7.5 |
| 2022-11-22 | CVE-2022-45331 | SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1 AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the p_id parameter at \post.php. | 7.5 |