CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

8 matches found

Positive Technologies•added 2026/04/07 12:0 a.m.•5 views

PT-2026-30914

Name of the Vulnerable Software and Affected Versions Windmill CE and EE versions 1.276.0 through 1.603.2 Description Windmill CE and EE versions 1.276.0 through 1.603.2 contain an SQL injection vulnerability in the folder ownership management functionality. Authenticated attackers can inject SQL...

9.9CVSS6.4AI score0.05064EPSS

Exploits0References12

EUVD•added 2025/10/03 8:7 p.m.•4 views

EUVD-2022-5767

Malicious code in bioql PyPI...

5.4CVSS5.6AI score0.00556EPSS

Exploits1References4

OSV•added 2022/05/14 1:39 a.m.•16 views

GHSA-XCMJ-XJHG-WVHQ Fork CMS XSS Vulnerability

Fork CMS 5.0.6 allows stored XSS via the private/en/settings facebookadminids parameter aka "Admin ids" input in the Facebook section...

5.4CVSS5.1AI score0.00556EPSS

Exploits1References3

Github Security Blog•added 2022/05/14 1:39 a.m.•29 views

Fork CMS XSS Vulnerability

Fork CMS 5.0.6 allows stored XSS via the private/en/settings facebookadminids parameter aka "Admin ids" input in the Facebook section...

5.4CVSS6.2AI score0.00556EPSS

Exploits1References3Affected Software1

CNVD•added 2019/01/10 12:0 a.m.•2 views

Fork CMS Cross-Site Scripting Vulnerability (CNVD-2019-01096)

Fork CMS is an open source content management system CMS developed using PHP. The system contains blogs , questions and answers , forms and other modules . A cross-site scripting vulnerability exists in the private/en/settings page in Fork CMS version 5.0.6. A remote attacker can exploit this...

5.4CVSS6.1AI score0.00556EPSS

Exploits1References1

Prion•added 2019/01/09 11:29 p.m.•10 views

Design/Logic Flaw

Fork CMS 5.0.6 allows stored XSS via the private/en/settings facebookadminids parameter aka "Admin ids" input in the Facebook section...

3.5CVSS5.1AI score0.00556EPSS

Exploits1References1Affected Software1

CVE•added 2019/01/09 11:0 p.m.•45 views

CVE-2018-20682

Fork CMS 5.0.6 is affected by a stored XSS in the private/en/settings facebook_admin_ids input (Admin ids). The root cause is unsanitized/unencoded input rendered to users, enabling arbitrary script execution in stored form. Exploitation status is not detailed in the provided documents. Multiple ...

5.4CVSS5.1AI score0.00556EPSS

Exploits1References1Affected Software1