Vulnerabilities > Aerocms Project > Aerocms > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-12-16 | CVE-2022-46135 | Unrestricted Upload of File with Dangerous Type vulnerability in Aerocms Project Aerocms 0.0.1 In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=edit_post , through which we can upload webshell and control the web server. | 7.2 |
| 2022-12-16 | CVE-2022-46137 | Path Traversal vulnerability in Aerocms Project Aerocms 0.0.1 AeroCMS v0.0.1 is vulnerable to Directory Traversal. | 7.5 |
| 2022-12-13 | CVE-2022-46051 | SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1 The approve parameter from the AeroCMS-v0.0.1 CMS system is vulnerable to SQL injection attacks. | 7.2 |
| 2022-11-29 | CVE-2022-45329 | SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1 AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Search parameter. | 7.5 |
| 2022-11-22 | CVE-2022-45330 | SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1 AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the Category parameter at \category.php. | 7.5 |
| 2022-11-22 | CVE-2022-45331 | SQL Injection vulnerability in Aerocms Project Aerocms 0.0.1 AeroCMS v0.0.1 was discovered to contain a SQL Injection vulnerability via the p_id parameter at \post.php. | 7.5 |
| 2022-09-13 | CVE-2022-38305 | Unrestricted Upload of File with Dangerous Type vulnerability in Aerocms Project Aerocms 0.0.1 AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the component /admin/profile.php. | 8.8 |
| 2022-04-08 | CVE-2022-27061 | Unrestricted Upload of File with Dangerous Type vulnerability in Aerocms Project Aerocms 0.0.1 AeroCMS v0.0.1 was discovered to contain an arbitrary file upload vulnerability via the Post Image function under the Admin panel. | 7.2 |