Vulnerabilities (CVE)

Filtered by vendor Auracms Subscribe
Filtered by product Mod Block Statistik
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-0390 1 Auracms 2 Auracms, Mod Block Statistik 2024-11-21 7.5 HIGH N/A
stat.php in AuraCMS 1.62, and Mod Block Statistik for AuraCMS, allows remote attackers to inject arbitrary PHP code into online.db.txt via the X-Forwarded-For HTTP header in a stat action to index.php, and execute online.db.txt via a certain request to index.php.