PT-2022-27469 · Aerocms · Aerocms

Published: 2022-11-22 · Updated: 2025-04-25 · CVE-2022-45330

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions

AeroCMS version 0.0.1

Description

A SQL injection vulnerability in the Category parameter of the "category.php" endpoint allows attackers to gain unauthorized access to sensitive database information.

Recommendations

For AeroCMS version 0.0.1, consider restricting access to the "category.php" endpoint until a patch is available. As a temporary workaround, avoid using the Category parameter in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Weakness Enumeration

Related Identifiers

CVE-2022-45330

Affected Products

Aerocms