Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fork cms vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2022-35585
A stored cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote malicious users to inject JavaScript via the "start_date" Parameter
Fork-cms Fork Cms 5.9.3
4.8
CVSSv3
CVE-2022-35587
A cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote malicious users to inject JavaScript via the "publish_on_date" Parameter
Fork-cms Fork Cms 5.9.3
4.8
CVSSv3
CVE-2022-35589
A cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote malicious users to inject JavaScript via the "publish_on_time" Parameter.
Fork-cms Fork Cms 5.9.3
4.8
CVSSv3
CVE-2022-35590
A cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote malicious users to inject JavaScript via the "end_date" Parameter
Fork-cms Fork Cms 5.9.3
8.8
CVSSv3
CVE-2022-1064
SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms before 5.11.1.
Fork-cms Fork Cms
7.5
CVSSv3
CVE-2022-0153
SQL Injection in GitHub repository forkcms/forkcms before 5.11.1.
Fork-cms Fork Cms
5.4
CVSSv3
CVE-2022-0145
Cross-site Scripting (XSS) - Stored in GitHub repository forkcms/forkcms before 5.11.1.
Fork-cms Fork Cms
5.4
CVSSv3
CVE-2020-23049
Fork CMS Content Management System v5.8.0 exists to contain a cross-site scripting (XSS) vulnerability in the `Displayname` field when using the `Add`, `Edit` or `Register' functions. This vulnerability allows malicious users to execute arbitrary web scripts or HTML.
Fork-cms Fork Cms 5.8.0
8.8
CVSSv3
CVE-2021-28931
Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows malicious users to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel.
Fork-cms Fork Cms 5.9.2
8.8
CVSSv3
CVE-2020-23264
Cross-site request forgery (CSRF) in Fork-CMS prior to 5.8.2 allow remote malicious users to hijack the authentication of logged administrators.
Fork-cms Fork Cms
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »