296,293
Total vulnerabilities in the database
Multiple SQL injection vulnerabilities in AuraCMS 2.3 and earlier allow remote authenticated users to execute arbitrary SQL commands via the (1) search parameter to mod/content/content.php or (2) CLIENT_IP, (3) X_FORWARDED_FOR, (4) X_FORWARDED, (5) FORWARDED_FOR, or (6) FORWARDED HTTP header to index.php.
| Software | From | Fixed in |
|---|---|---|
| auracms / auracms | 1.5 | 1.5.x |
| auracms / auracms | 2.2.2 | 2.2.2.x |
| auracms / auracms | 1.0 | 1.0.x |
| auracms / auracms | 2.0 | 2.0.x |
| auracms / auracms | - | 2.3.x |
| auracms / auracms | 1.1 | 1.1.x |
| auracms / auracms | 1.2 | 1.2.x |
| auracms / auracms | 1.3 | 1.3.x |
| auracms / auracms | 2.2.1 | 2.2.1.x |
| auracms / auracms | 2.1 | 2.1.x |
| auracms / auracms | 2.2 | 2.2.x |
| auracms / auracms | 1.61 | 1.61.x |
| auracms / auracms | 1.62 | 1.62.x |