Lucene search
K

172 matches found

Cvelist
Cvelist
added 2015/02/06 3:0 p.m.41 views

CVE-2015-1467

Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the 1 language or 2 type parameter to private/en/locale/index...

8AI score0.02395EPSS
Exploits5References4
CVE
CVE
added 2015/02/06 3:0 p.m.58 views

CVE-2015-1467

Fork CMS is affected by SQL injection in the Translations feature prior to version 3.8.6. The vulnerability allows remote authenticated users to execute arbitrary SQL commands via the language[] and type[] parameters sent to private/en/locale/index. The issue is triggered when an authenticated us...

7.5CVSS8.1AI score0.02395EPSS
Exploits5References4Affected Software1
0day.today
0day.today
added 2015/02/05 12:0 a.m.68 views

Fork CMS 3.8.5 SQL Injection Vulnerability

Fork CMS version 3.8.5 suffers from a remote SQL injection vulnerability. Fork CMS - SQL Injection in Version 3.8.5 ---------------------------------------------------------------- Product Information: Software: Fork CMS Tested Version: 3.8.5, released on Wednesday 14 January 2015 Vulnerability...

7.5CVSS7.5AI score0.02395EPSS
Exploits5
Packet Storm
Packet Storm
added 2015/02/04 12:0 a.m.73 views

Fork CMS 3.8.5 SQL Injection

CVE-2015-1467 Fork CMS - SQL Injection in Version 3.8.5 ---------------------------------------------------------------- Product Information: Software: Fork CMS Tested Version: 3.8.5, released on Wednesday 14 January 2015 Vulnerability Type: SQL Injection CWE-89 Download link to tested version:...

7.5CVSS0.2AI score0.02395EPSS
Exploits5
CNVD
CNVD
added 2015/01/14 12:0 a.m.4 views

Fork CMS 'loadForm()' Function Cross-Site Scripting Vulnerability

Fork CMS is a CMS system developed in PHP. A cross-site scripting vulnerability exists in the Fork CMS 'loadForm' function due to the program failing to properly filter user-supplied input. An attacker could use this vulnerability to execute arbitrary script code or steal cookie-based...

6.1CVSS6.8AI score0.01421EPSS
Exploits2References1
Packet Storm
Packet Storm
added 2015/01/13 12:0 a.m.46 views

Fork CMS 3.8.3 Cross Site Scripting

Exploit Title: XSS Vulnerability in Fork CMS 3.8.3 Google Dork: N/A Date: 12/26/2014 Exploit Author: Le Ngoc phi [email protected] and ITAS Team www.itas.vn Vendor Homepage: http://www.fork-cms.com Software Link: http://www.fork-cms.com/blog/detail/fork-3.8.4-released Version: Fork 3.8.3 Tested on...

6.4AI score0.01421EPSS
Exploits2
seebug.org
seebug.org
added 2014/07/01 12:0 a.m.14 views

Fork CMS 3.2.4 - Multiple Vulnerabilities (LFI - XSS)

No description provided by source...

7.1AI score
Exploits0
Packet Storm
Packet Storm
added 2013/04/18 12:0 a.m.20 views

Fork CMS Cross Site Request Forgery

==================================================================================== Fork-CMS CSRF: Introduction Author: Rafay Baloch CSRF OR XSRF Cross site request forgery occurs when the victim forces your browser to send a forged request and makes the victim performing a particular action. An...

0.6AI score
Exploits0
Packet Storm
Packet Storm
added 2013/04/18 12:0 a.m.18 views

Fork CMS Cross Site Scripting

=================================================================================== Fork-CMS Stored XSS: Stored XSS: Author: Rafay Baloch Introduction: Cross Site scritping XSS has been a problem for ages, XSS occurs when the input data is copied into application responses without being sanitized...

7.4AI score
Exploits0
Packet Storm
Packet Storm
added 2013/04/18 12:0 a.m.17 views

Fork CMS Local File Inclusion

============================================================================== Fork-CMS Local File Inclusion: Author: Rafay Baloch Introduction: Local file inclusion vulnerability occur when the include function is not sanitized properl, LFI is classified under OWASP Top10 under "A4 Insecure Dire...

7.4AI score
Exploits0
exploitpack
exploitpack
added 2013/04/18 12:0 a.m.10 views

Fork CMS - js.php Local File Inclusion

Fork CMS - js.php Local File Inclusion source: https://www.securityfocus.com/bid/59298/info Fork CMS is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in...

7.4AI score
Exploits0
Exploit DB
Exploit DB
added 2013/04/18 12:0 a.m.14 views

Fork CMS - 'js.php' Local File Inclusion

source: https://www.securityfocus.com/bid/59298/info Fork CMS is prone to a local file-include vulnerability because it fails to sufficiently sanitize user-supplied input. An attacker can exploit this vulnerability to view files and execute local scripts in the context of the web server process...

7.4AI score
Exploits0
NVD
NVD
added 2012/09/26 12:55 a.m.28 views

CVE-2012-1188

Multiple cross-site scripting XSS vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the 1 type or 2 querystring parameters to private/en/error or 3 name parameter to private/en/locale/index...

4.3CVSS5.7AI score0.04458EPSS
Exploits2References9
NVD
NVD
added 2012/09/26 12:55 a.m.19 views

CVE-2012-5164

Multiple cross-site scripting XSS vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to 1 autocomplete.php, 2 search/ajax/autosuggest.php, 3 livesuggest.php, or 4 save.php in frontend/modules/search/ajax...

4.3CVSS5.8AI score0.0122EPSS
Exploits1References5
Prion
Prion
added 2012/09/26 12:55 a.m.16 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to 1 autocomplete.php, 2 search/ajax/autosuggest.php, 3 livesuggest.php, or 4 save.php in frontend/modules/search/ajax...

4.3CVSS6.1AI score0.0122EPSS
Exploits1References5Affected Software1
Prion
Prion
added 2012/09/26 12:55 a.m.15 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the 1 type or 2 querystring parameters to private/en/error or 3 name parameter to private/en/locale/index...

4.3CVSS6AI score0.04458EPSS
Exploits2References9Affected Software1
Cvelist
Cvelist
added 2012/09/26 12:0 a.m.22 views

CVE-2012-5164

Multiple cross-site scripting XSS vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the term parameter to 1 autocomplete.php, 2 search/ajax/autosuggest.php, 3 livesuggest.php, or 4 save.php in frontend/modules/search/ajax...

5.8AI score0.0122EPSS
Exploits1References5
Cvelist
Cvelist
added 2012/09/26 12:0 a.m.32 views

CVE-2012-1188

Multiple cross-site scripting XSS vulnerabilities in Fork CMS before 3.2.7 allow remote attackers to inject arbitrary web script or HTML via the 1 type or 2 querystring parameters to private/en/error or 3 name parameter to private/en/locale/index...

5.7AI score0.04458EPSS
Exploits2References9
CVE
CVE
added 2012/09/26 12:0 a.m.40 views

CVE-2012-5164

Fork CMS before 3.2.7 is affected by multiple XSS vulnerabilities that allow remote injection of arbitrary scripts via the term parameter to frontend/modules/search/ajax/autocomplete.php, search/ajax/autosuggest.php, livesuggest.php, and save.php. Affects Fork CMS 3.x up to 3.2.7; CVSSv2 base sco...

4.3CVSS5.9AI score0.0122EPSS
Exploits1References5Affected Software1
CVE
CVE
added 2012/09/26 12:0 a.m.63 views

CVE-2012-1188

CVE-2012-1188 covers multiple XSS vulnerabilities in Fork CMS before 3.2.7. The flaws allow remote attackers to inject arbitrary HTML/JS via: (1) type and (2) querystring parameters to /private/en/error, and (3) name parameter to /private/en/locale/index. The issue affects Fork CMS versions up to...

4.3CVSS5.7AI score0.04458EPSS
Exploits2References9Affected Software1
Rows per page
Query Builder