EPSS
Percentile
30.3%
Fork CMS contains a SQL injection vulnerability in versions prior to version 5.11.1. When deleting submissions which belong to a formular (made with module FormBuilder), the parameter id[] is vulnerable to SQL injection.
FormBuilder
id[]
github.com/forkcms/forkcms
github.com/forkcms/forkcms/commit/7a12046a67ae5d8cf04face3ee75e55f03a1a608
huntr.dev/bounties/841503dd-311c-470a-a8ec-d4579b3274eb
nvd.nist.gov/vuln/detail/CVE-2022-0153