Vulnerability Details CVE-2022-38812
AeroCMS 0.1.1 is vulnerable to SQL Injection via the author parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.127
EPSS Ranking 93.7%
CVSS Severity
CVSS v3 Score 6.5
References
- https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/MegaTKC/2021/AeroCMS-v0.0.1-SQLi
- https://www.nu11secur1ty.com/2022/08/aerocms-v001-sqli.html
- https://github.com/nu11secur1ty/CVE-nu11secur1ty/tree/main/vendors/MegaTKC/2021/AeroCMS-v0.0.1-SQLi
- https://www.nu11secur1ty.com/2022/08/aerocms-v001-sqli.html
Products affected by CVE-2022-38812
-
cpe:2.3:a:aerocms_project:aerocms:0.1.1