CVE Details
Basic Information
| Title | Aem Solutions CMS page.php sql injection |
|---|---|
| Type | cve |
| Published | 2025-06-02T07:00:18.097Z |
| Last Seen |
Product Information
| Vendor | Aem Solutions |
|---|---|
| Product | CMS |
| Version | 1.0 |
CVSS Information
| Base Score | 6.9 (MEDIUM) |
|---|---|
| Attack Vector | CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
| Confidentiality Impact | |
| Integrity Impact | |
| Availability Impact |
AI Analysis
| AI Description | Aem Solutions CMS version 1.0 is vulnerable to SQL injection via the ‘ID’ parameter in the ‘/page.php’ file. This allows remote attackers to execute arbitrary SQL commands, potentially compromising the database. The vendor has not responded to the disclosure. |
|---|---|
| AI Severity | Medium |
| Vendor | Aem Solutions |
| Product | CMS |
| Affected Version | 1.0 |
Additional Information
| CVE List | |
|---|---|
| CWE List | CWE-89, CWE-74 |
| Bulletin Family | |
| Source Data | Aem Solutions CMS 1.0 |
Source Information
| Source Data | Aem Solutions CMS 1.0 |
|---|---|
| Source Link |
Description
A vulnerability was found in Aem Solutions CMS up to 1.0. It has been classified as critical. This affects an unknown part of the file /page.php. The manipulation of the argument ID leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The vendor was contacted early about this disclosure but did not respond in any way.
CVSS Score Summary
Base Score: 6.9 (MEDIUM)