2 matches found
Fork CMS 3.8.5 - SQL Injection
CVE-2015-1467 Fork CMS - SQL Injection in Version 3.8.5 ---------------------------------------------------------------- Product Information: Software: Fork CMS Tested Version: 3.8.5, released on Wednesday 14 January 2015 Vulnerability Type: SQL Injection CWE-89 Download link to tested version:...
CVE-2015-1467
Fork CMS is affected by SQL injection in the Translations feature prior to version 3.8.6. The vulnerability allows remote authenticated users to execute arbitrary SQL commands via the language[] and type[] parameters sent to private/en/locale/index. The issue is triggered when an authenticated us...