Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fork cms vulnerabilities and exploits
(subscribe to this query)
4.8
CVSSv3
CVE-2022-35590
A cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote malicious users to inject JavaScript via the "end_date" Parameter
Fork-cms Fork Cms 5.9.3
5.4
CVSSv3
CVE-2018-20682
Fork CMS 5.0.6 allows stored XSS via the private/en/settings facebook_admin_ids parameter (aka "Admin ids" input in the Facebook section).
Fork-cms Fork Cms 5.0.6
8.8
CVSSv3
CVE-2021-28931
Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows malicious users to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel.
Fork-cms Fork Cms 5.9.2
5.4
CVSSv3
CVE-2018-5215
Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter.
Fork-cms Fork Cms 5.0.7
9.8
CVSSv3
CVE-2019-15521
Spoon Library through 2014-02-06, as used in Fork CMS prior to 1.4.1 and other products, allows PHP object injection via a cookie containing an object.
Spoon-library Spoon Library
Fork-cms Fork Cms
NA
CVE-2012-1304
Fork CMS 3.2.4 - Local File Inclusion / Cross-Site Scripting
2 EDB exploits
NA
CVE-2012-1305
Fork CMS 3.2.5 - Multiple Vulnerabilities
1 EDB exploit
NA
CVE-2012-11881
Fork CMS version 3.2.5 suffers from multiple cross site scripting vulnerabilities.
5.3
CVSSv3
CVE-2019-1549
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in ...
Openssl Openssl
3.7
CVSSv3
CVE-2019-1563
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message th...
Openssl Openssl
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »