Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fork cms vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-35590
A cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote malicious users to inject JavaScript via the "end_date" Parameter
Fork-cms Fork Cms 5.9.3
NA
CVE-2022-35585
A stored cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote malicious users to inject JavaScript via the "start_date" Parameter
Fork-cms Fork Cms 5.9.3
NA
CVE-2022-35587
A cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote malicious users to inject JavaScript via the "publish_on_date" Parameter
Fork-cms Fork Cms 5.9.3
NA
CVE-2022-35589
A cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote malicious users to inject JavaScript via the "publish_on_time" Parameter.
Fork-cms Fork Cms 5.9.3
6.5
CVSSv2
CVE-2022-1064
SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms before 5.11.1.
Fork-cms Fork Cms
4.3
CVSSv2
CVE-2022-0153
SQL Injection in GitHub repository forkcms/forkcms before 5.11.1.
Fork-cms Fork Cms
3.5
CVSSv2
CVE-2022-0145
Cross-site Scripting (XSS) - Stored in GitHub repository forkcms/forkcms before 5.11.1.
Fork-cms Fork Cms
3.5
CVSSv2
CVE-2020-23049
Fork CMS Content Management System v5.8.0 exists to contain a cross-site scripting (XSS) vulnerability in the `Displayname` field when using the `Add`, `Edit` or `Register' functions. This vulnerability allows malicious users to execute arbitrary web scripts or HTML.
Fork-cms Fork Cms 5.8.0
6.5
CVSSv2
CVE-2021-28931
Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows malicious users to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel.
Fork-cms Fork Cms 5.9.2
4.3
CVSSv2
CVE-2020-23263
Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote malicious users to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /private/en/pages/add.
Fork-cms Fork Cms 5.8.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-23692
CVE-2012-1823
memory leak
CVE-2024-0627
CVE-2024-31402
privilege escalation
CVE-2024-36418
remote code execution
CVE-2024-27844
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »