Vulnerability Details CVE-2022-46135
In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=edit_post , through which we can upload webshell and control the web server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 36.2%
CVSS Severity
CVSS v3 Score 7.2
Products affected by CVE-2022-46135
-
cpe:2.3:a:aerocms_project:aerocms:0.0.1