VYPR
← All advisories
Unrated severityNVD Advisory· Published Sep 26, 2012· Updated Apr 29, 2026

CVE-2012-5164

CVE-2012-5164

Description

Multiple cross-site scripting (XSS) vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to (1) autocomplete.php, (2) search/ajax/autosuggest.php, (3) livesuggest.php, or (4) save.php in frontend/modules/search/ajax.

Affected products

42
  • Fork Cms/Fork CMS42 versions
    cpe:2.3:a:fork-cms:fork_cms:*:*:*:*:*:*:*:*+ 41 more
    • cpe:2.3:a:fork-cms:fork_cms:*:*:*:*:*:*:*:*range: <=3.2.6
    • cpe:2.3:a:fork-cms:fork_cms:2.0.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.0.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.5.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.10:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.11:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.12:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.13:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.4:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.5:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.6:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.7:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.8:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:2.6.9:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.0.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.1.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.1.4:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.1.5:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.1.6:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.1.7:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.1.8:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.1.9:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:fork-cms:fork_cms:3.2.5:*:*:*:*:*:*:*

Patches

1
641e27bf1e9a
https://github.com/forkcms/forkcmsvia nvd-ref
commit

Vulnerability mechanics

Generated by null/stub on May 9, 2026. Inputs: CWE entries + fix-commit diffs from this CVE's patches. Citations validated against bundle.

References

5

News mentions

0

No linked articles in our index yet.