AuraCMS 'stat.php' Remote Script Code Execution Vulnerability

info
discussion
exploit
solution
references

AuraCMS 'stat.php' Remote Script Code Execution Vulnerability

AuraCMS is prone to a remote vulnerability that lets attackers run arbitrary script code because it fails to properly sanitize user-supplied input.

Exploiting this issue could allow attackers to upload and execute arbitrary script code in the context of the affected webserver process.

This issue affects AuraCMS 1.62; other versions may also be vulnerable.