VYPR
Vendor

Aurora

Products
2
CVEs
4
Across products
4
Status
Private

Products

2

Recent CVEs

4
  • CVE-2018-10666HigMay 3, 2018
    risk 0.49cvss 7.5epss 0.01

    The Owned smart contract implementation for Aurora IDEX Membership (IDXM), an Ethereum ERC20 token, allows attackers to acquire contract ownership because the setOwner function is declared as public. A new owner can subsequently modify variables.

  • CVE-2017-14597MedSep 19, 2017
    risk 0.31cvss 4.8epss 0.01

    AdminPanel in AfterLogic WebMail 7.7 and Aurora 7.7.5 has XSS via the txtDomainName field to adminpanel/modules/pro/inc/ajax.php during addition of a domain.

  • CVE-2009-3365Sep 24, 2009
    risk 0.03cvss epss 0.02

    PHP remote file inclusion vulnerability in add-ons/modules/sysmanager/plugins/install.plugin.php in Aurora CMS 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the AURORA_MODULES_FOLDER parameter.

  • CVE-2007-6345Dec 13, 2007
    risk 0.00cvss epss 0.02

    SQL injection vulnerability in aurora framework before 20071208 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, possibly the value parameter to the pack_var function in module/db.lib/db_mysql.lib. NOTE: some of these details are obtained from…