172 matches found
CVE-2022-0145
Cross-site Scripting XSS - Stored in GitHub repository forkcms/forkcms prior to 5.11.1...
forkcms 跨站脚本漏洞
forkcms is a software application. A CMS. A security vulnerability exists in forkcms prior to 5.11.1. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announcement...
Cross-site scripting in forkcms
Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigationtitle" parameter and the "title" parameter in /private/en/pages/add...
GHSA-VP4X-94FF-2CMV Cross-site scripting in forkcms
Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigationtitle" parameter and the "title" parameter in /private/en/pages/add...
Cross-site Scripting (XSS)
forkcms/forkcms is vulnerable to cross-site scripting attacks. The vulnerability exists because the 'Displayname' input field in 'Profiles' module is not properly encoded, which allows a malicious attacker to inject and execute arbitrary javascript...
Fork CMS Cross-Site Scripting Vulnerability (CNVD-2021-83552)
Fork CMS is an open source content management system CMS developed using PHP. The system contains blogs , questions and answers , forms and other modules . A cross-site scripting vulnerability exists in Fork CMS Content Management System version 5.8.0, which can be exploited by an attacker to...
Cross-site scripting in forkcms
Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the Displayname field when using the Add, Edit or Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML...
GHSA-3374-7H99-XR85 Cross-site scripting in forkcms
Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the Displayname field when using the Add, Edit or Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML...
CVE-2020-23049
Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the Displayname field when using the Add, Edit or Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML...
CVE-2020-23049
Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the Displayname field when using the Add, Edit or Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML...
Cross site scripting
Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the Displayname field when using the Add, Edit or Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML...
CVE-2020-23049
Fork CMS Content Management System v5.8.0 is affected by a cross-site scripting (XSS) vulnerability in the Displayname field when using Add, Edit, or Register. The root cause is improper encoding/input handling of the Displayname field, enabling attackers to inject and execute arbitrary web scrip...
CVE-2020-23049
Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the Displayname field when using the Add, Edit or Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML...
Fork CMS 跨站脚本漏洞
Fork CMS is an open source content management system CMS developed using PHP. The system contains blogs , questions and answers , forms and other modules . A cross-site scripting vulnerability exists in Fork CMS Content Management System version 5.8.0, which can be exploited by an attacker to...
Arbitrary file upload in Fork CMS
Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel...
GHSA-748F-WV76-X9HG Arbitrary file upload in Fork CMS
Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel...
Fork CMS Arbitrary File Upload Vulnerability
Fork CMS is an open source content management system CMS developed using PHP. The system contains blogs , questions and answers , forms and other modules . Fork CMS has an arbitrary file upload vulnerability that can be exploited to create or replace arbitrary files in the themes directory with...
CVE-2021-28931
Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel...
CVE-2021-28931
Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel...
Design/Logic Flaw
Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel...