Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
fork-cms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-0153
SQL Injection in GitHub repository forkcms/forkcms before 5.11.1.
Fork-cms Fork Cms
NA
CVE-2012-1207
Directory traversal vulnerability in frontend/core/engine/javascript.php in Fork CMS 3.2.4 and possibly other versions prior to 3.2.5 allows remote malicious users to read arbitrary files via a .. (dot dot) in the module parameter to frontend/js.php.
Fork-cms Fork Cms 3.2.4
4.8
CVSSv3
CVE-2022-35590
A cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote malicious users to inject JavaScript via the "end_date" Parameter
Fork-cms Fork Cms 5.9.3
6.1
CVSSv3
CVE-2018-17595
In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI.
Fork-cms Fork Cms 5.4.0
6.1
CVSSv3
CVE-2020-23263
Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote malicious users to inject arbitrary Javascript code via the "navigation_title" parameter and the "title" parameter in /private/en/pages/add.
Fork-cms Fork Cms 5.8.2
NA
CVE-2012-1208
Multiple cross-site scripting (XSS) vulnerabilities in backend/core/engine/base.php in Fork CMS 3.2.4 and possibly other versions prior to 3.2.5 allow remote malicious users to inject arbitrary web script or HTML via the (1) report parameter to blog/settings or (2) error paramete...
Fork-cms Fork Cms 3.2.4
2 EDB exploits
4.8
CVSSv3
CVE-2022-35585
A stored cross-site scripting (XSS) issue in the ForkCMS version 5.9.3 allows remote malicious users to inject JavaScript via the "start_date" Parameter
Fork-cms Fork Cms 5.9.3
4.8
CVSSv3
CVE-2022-35589
A cross-site scripting (XSS) issue in the Fork version 5.9.3 allows remote malicious users to inject JavaScript via the "publish_on_time" Parameter.
Fork-cms Fork Cms 5.9.3
5.4
CVSSv3
CVE-2018-20682
Fork CMS 5.0.6 allows stored XSS via the private/en/settings facebook_admin_ids parameter (aka "Admin ids" input in the Facebook section).
Fork-cms Fork Cms 5.0.6
5.4
CVSSv3
CVE-2020-23049
Fork CMS Content Management System v5.8.0 exists to contain a cross-site scripting (XSS) vulnerability in the `Displayname` field when using the `Add`, `Edit` or `Register' functions. This vulnerability allows malicious users to execute arbitrary web scripts or HTML.
Fork-cms Fork Cms 5.8.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »