Auracms : Security Vulnerabilities, CVEs, Published In 2014 (Sql injection)
Multiple SQL injection vulnerabilities in AuraCMS 2.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search parameter to mod/content/content.php or (2) CLIENT_IP, (3) X_FORWARDED_FOR, (4) X_FORWARDED, (5) FORWARDED_FOR, or (6) FORWARDED HTTP header to index.php.
Max CVSS
6.5
EPSS Score
0.29%
Published
2014-02-11
Updated
2018-10-09
1 vulnerabilities found