172 matches found
Cross site scripting
In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI...
CVE-2018-17595
In the 5.4.0 version of the Fork CMS software, HTML Injection and Stored XSS vulnerabilities were discovered via the /backend/ajax URI...
CVE-2018-17595
CVE-2018-17595 affects Fork CMS 5.4.0, where HTML Injection and Stored XSS are triggered through the /backend/ajax URI. The available connected sources confirm the vulnerability in the specified version and describe the attack class as HTML injection leading to stored XSS in Fork CMS’s backend AJ...
Cross-Site Scripting (XSS)
Fork CMS is vulnerable to cross-site scripting. A remote attacker is able to inject arbitrary Javascript into a victim's browser to steal session cookies or perform unwanted actions on behalf of the user via /backend/ajax...
Fork CMS 5.4.0 - Cross-Site Scripting Vulnerability
Exploit for php platform in category web applications Exploit Title: Fork CMS 5.4.0 - Cross-Site Scripting Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.fork-cms.com/ Software Link : https://github.com/forkcms/forkcms Software : Fork 5.4.0 Product Version: 5.4.0 Vulernability Type ...
Fork CMS 5.4.0 - Cross-Site Scripting
Exploit Title: Fork CMS 5.4.0 - Cross-Site Scripting Date: 2018-09-26 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.fork-cms.com/ Software Link : https://github.com/forkcms/forkcms Software : Fork 5.4.0 Product Version: 5.4.0 Vulernability Type : Code Injection Vulenrability : HTML...
Fork CMS 5.4.0 - Cross-Site Scripting
Fork CMS 5.4.0 - Cross-Site Scripting Exploit Title: Fork CMS 5.4.0 - Cross-Site Scripting Date: 2018-09-26 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.fork-cms.com/ Software Link : https://github.com/forkcms/forkcms Software : Fork 5.4.0 Product Version: 5.4.0 Vulernability Type...
Fork CMS 5.4.0 Cross Site Scripting / HTML Injection
Exploit Title: Fork CMS 5.4.0 - HTML Injection and Stored XSS Date: 2018-09-26 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.fork-cms.com/ Software Link : https://github.com/forkcms/forkcms Software : Fork 5.4.0 Product Version: 5.4.0 Vulernability Type : Code Injection Vulenrabili...
Fork CMS 5.4.0 Cross Site Scripting / HTML Injection
Exploit Title: Fork CMS 5.4.0 - HTML Injection and Stored XSS Date: 2018-09-26 Exploit Author: Ismail Tasdelen Vendor Homepage: https://www.fork-cms.com/ Software Link : https://github.com/forkcms/forkcms Software : Fork 5.4.0 Product Version: 5.4.0 Vulernability Type : Code Injection Vulenrabili...
Fork CMS title parameter cross-site scripting vulnerability
Fork CMS is an open source content management system CMS developed using PHP. The system contains blogs , questions and answers , forms and other modules . A cross-site scripting vulnerability exists in Fork CMS version 5.0.7. The vulnerability can be exploited to inject arbitrary web script or...
CVE-2018-5215
Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter...
Design/Logic Flaw
Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter...
CVE-2018-5215
Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter...
CVE-2018-5215
Fork CMS 5.0.7 has XSS in /private/en/pages/edit via the title parameter...
CVE-2018-5215
Fork CMS 5.0.7 is affected by an XSS vulnerability in the title parameter of the /private/en/pages/edit endpoint. The root cause is a cross-site scripting flaw that allows injection via the title field, as documented across multiple sources (CVE-2018-5215 and related advisories). Exploitation det...
[CVE-2015-1467] Fork CMS - SQL Injection in Version 3.8.5
CVE-2015-1467 Fork CMS - SQL Injection in Version 3.8.5 ---------------------------------------------------------------- Product Information: Software: Fork CMS Tested Version: 3.8.5, released on Wednesday 14 January 2015 Vulnerability Type: SQL Injection CWE-89 Download link to tested version:...
Fork CMS 3.8.5 - SQL Injection
Fork CMS 3.8.5 - SQL Injection CVE-2015-1467 Fork CMS - SQL Injection in Version 3.8.5 ---------------------------------------------------------------- Product Information: Software: Fork CMS Tested Version: 3.8.5, released on Wednesday 14 January 2015 Vulnerability Type: SQL Injection CWE-89...
Fork CMS 3.8.5 - SQL Injection
CVE-2015-1467 Fork CMS - SQL Injection in Version 3.8.5 ---------------------------------------------------------------- Product Information: Software: Fork CMS Tested Version: 3.8.5, released on Wednesday 14 January 2015 Vulnerability Type: SQL Injection CWE-89 Download link to tested version:...
CVE-2015-1467
Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the 1 language or 2 type parameter to private/en/locale/index...
Sql injection
Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the 1 language or 2 type parameter to private/en/locale/index...