Lucene search
K

5 matches found

Packet Storm
Packet Storm
added 2021/03/12 12:0 a.m.280 views

ForkCMS PHP Object Injection

ForkCMS PHP Object Injection ========================= | Identifier: | AIT-SA-20210215-04 | | Target: | ForkCMS | | Vendor: | ForkCMS | | Version: | all versions below version 5.8.3 | | CVE: | CVE-2020-24036 | | Accessibility: | Remote | | Severity: | Medium | | Author: | Wolfgang Hotwagner AIT...

6.5CVSS0.02935EPSS
Exploits3
Circl
Circl
added 2021/03/04 4:46 p.m.6 views

CVE-2020-24036

creationtimestamp| type| source ---|---|--- 2021-03-04 16:46:34+00:00| seen| https://t.me/cibsecurity/24448...

8.8CVSS8.6AI score0.02935EPSS
Exploits3References1
NVD
NVD
added 2021/03/04 1:15 p.m.49 views

CVE-2020-24036

PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code...

8.8CVSS0.02935EPSS
Exploits3References4
Cvelist
Cvelist
added 2021/03/04 12:28 p.m.56 views

CVE-2020-24036

PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code...

8.9AI score0.02935EPSS
Exploits3References4
CVE
CVE
added 2021/03/04 12:28 p.m.74 views

CVE-2020-24036

ForkCMS prior to version 5.8.3 is affected by PHP object injection via the backend Ajax endpoint. The vulnerability allows an authenticated remote user to inject PHP objects through unserialize calls in the Ajax handlers, enabling remote code execution. The issue is specific to ForkCMS’s backend ...

8.8CVSS8.8AI score0.02935EPSS
Exploits3References4Affected Software1
Rows per page
Query Builder