CVE-2022-46135 Information

Description

In AeroCms v0.0.1 there is an arbitrary file upload vulnerability at /admin/posts.php?source=edit_post through which we can upload webshell and control the web server.

Reference

https://github.com/MegaTKC/AeroCMS/issues/5