Description
PHP remote file inclusion vulnerability in add-ons/modules/sysmanager/plugins/install.plugin.php in Aurora CMS 1.0.2 allows remote attackers to execute arbitrary PHP code via a URL in the AURORA_MODULES_FOLDER parameter.
Exploits (1)
References (1)
Core 1
Core References
Exploit, Third Party Advisory exploit
x_refsource_exploit-db
http://www.exploit-db.com/exploits/9656
Scores
EPSS
0.0163
EPSS Percentile
82.0%
Details
CWE
CWE-94
Status
published
Products (1)
traza/aurora
1.0.2
Published
Sep 24, 2009
Tracked Since
Feb 18, 2026