ForkCMS

Source repositories

CVE	Vendor / Product	CVSS	EPSS	Published	Description
CVE-2022-1064	ForkCMS ForkCMS	—	0.01	Mar 25, 2022	SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms prior to 5.11.1.
CVE-2022-0153	ForkCMS ForkCMS	—	0.01	Mar 24, 2022	SQL Injection in GitHub repository forkcms/forkcms prior to 5.11.1.
CVE-2022-0145	ForkCMS ForkCMS	—	0.01	Mar 24, 2022	Cross-site Scripting (XSS) - Stored in GitHub repository forkcms/forkcms prior to 5.11.1.
CVE-2020-24036	ForkCMS ForkCMS	—	0.03	Mar 4, 2021	PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code.

CVE-2022-1064Mar 25, 2022
ForkCMS
ForkCMS
risk 0.00cvss —epss 0.01
SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms prior to 5.11.1.
CVE-2022-0153Mar 24, 2022
ForkCMS
ForkCMS
risk 0.00cvss —epss 0.01
SQL Injection in GitHub repository forkcms/forkcms prior to 5.11.1.
CVE-2022-0145Mar 24, 2022
ForkCMS
ForkCMS
risk 0.00cvss —epss 0.01
Cross-site Scripting (XSS) - Stored in GitHub repository forkcms/forkcms prior to 5.11.1.
CVE-2020-24036Mar 4, 2021
ForkCMS
ForkCMS
risk 0.00cvss —epss 0.03
PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code.