Filtered by vendor Fork-cms
Subscriptions
Filtered by product Fork Cms
Subscriptions
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-15521 | 2 Fork-cms, Spoon-library | 2 Fork Cms, Spoon Library | 2024-11-21 | N/A |
| Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and other products, allows PHP object injection via a cookie containing an object. | ||||
| CVE-2018-5215 | 1 Fork-cms | 1 Fork Cms | 2024-11-21 | N/A |
| Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter. | ||||
| CVE-2018-20682 | 1 Fork-cms | 1 Fork Cms | 2024-11-21 | N/A |
| Fork CMS 5.0.6 allows stored XSS via the private/en/settings facebook_admin_ids parameter (aka "Admin ids" input in the Facebook section). | ||||
| CVE-2018-17595 | 1 Fork-cms | 1 Fork Cms | 2024-11-21 | N/A |
| In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI. | ||||
| CVE-2014-9470 | 1 Fork-cms | 1 Fork Cms | 2024-11-21 | 6.1 Medium |
| Cross-site scripting (XSS) vulnerability in the loadForm function in Frontend/Modules/Search/Actions/Index.php in Fork CMS before 3.8.4 allows remote attackers to inject arbitrary web script or HTML via the q_widget parameter to en/search. | ||||