Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fork cms vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2020-23263
Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote malicious users to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /private/en/pages/add.
Fork-cms Fork Cms 5.8.2
4.8
CVSSv3
CVE-2022-35585
A stored cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote malicious users to inject JavaScript via the "start_date" Parameter
Fork-cms Fork Cms 5.9.3
4.8
CVSSv3
CVE-2022-35589
A cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote malicious users to inject JavaScript via the "publish_on_time" Parameter.
Fork-cms Fork Cms 5.9.3
5.4
CVSSv3
CVE-2018-5215
Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter.
Fork-cms Fork Cms 5.0.7
9.8
CVSSv3
CVE-2019-15521
Spoon Library through 2014-02-06, as used in Fork CMS prior to 1.4.1 and other products, allows PHP object injection via a cookie containing an object.
Spoon-library Spoon Library
Fork-cms Fork Cms
NA
CVE-2012-1304
Fork CMS 3.2.4 - Local File Inclusion / Cross-Site Scripting
2 EDB exploits
NA
CVE-2012-1305
Fork CMS 3.2.5 - Multiple Vulnerabilities
1 EDB exploit
NA
CVE-2012-11881
Fork CMS version 3.2.5 suffers from multiple cross site scripting vulnerabilities.
5.3
CVSSv3
CVE-2019-1549
OpenSSL 1.1.1 introduced a rewritten random number generator (RNG). This was intended to include protection in the event of a fork() system call in order to ensure that the parent and child processes did not share the same RNG state. However this protection was not being used in ...
Openssl Openssl
3.7
CVSSv3
CVE-2019-1563
In situations where an attacker receives automated notification of the success or failure of a decryption attempt an attacker, after sending a very large number of messages to be decrypted, can recover a CMS/PKCS7 transported encryption key or decrypt any RSA encrypted message th...
Openssl Openssl
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4651
CVE-2024-34255
elevation of privilege
CVE-2024-25529
CVE-2024-4671
NULL pointer dereference
CVE-2024-25527
template injection
CVE-2008-0166
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »