Описание
Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the system.
EPSS
Процентиль: 10%
0.00035
Низкий
8.2 High
CVSS3
Дефекты
CWE-89
Связанные уязвимости
CVSS3: 8.2
github
25 дней назад
Aero CMS 0.0.1 contains a SQL injection vulnerability in the author parameter that allows attackers to manipulate database queries. Attackers can exploit boolean-based, error-based, time-based, and UNION query techniques to extract sensitive database information and potentially compromise the system.
EPSS
Процентиль: 10%
0.00035
Низкий
8.2 High
CVSS3
Дефекты
CWE-89