Lucene search
K

172 matches found

ATTACKERKB
ATTACKERKB
added 2022/03/24 11:15 a.m.8 views

CVE-2022-0145

Cross-site Scripting XSS - Stored in GitHub repository forkcms/forkcms prior to 5.11.1...

6.8CVSS6.3AI score0.00671EPSS
Exploits1References3
CNNVD
CNNVD
added 2022/03/24 12:0 a.m.4 views

forkcms 跨站脚本漏洞

forkcms is a software application. A CMS. A security vulnerability exists in forkcms prior to 5.11.1. No information about this vulnerability is available at this time, please stay tuned to CNNVD or the vendor's announcement...

6.8CVSS6.3AI score0.00671EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2022/02/10 10:29 p.m.35 views

Cross-site scripting in forkcms

Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigationtitle" parameter and the "title" parameter in /private/en/pages/add...

6.1CVSS6.2AI score0.00844EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2022/02/10 10:29 p.m.23 views

GHSA-VP4X-94FF-2CMV Cross-site scripting in forkcms

Persistent Cross-site scripting vulnerability on Fork CMS version 5.8.2 allows remote attackers to inject arbitrary Javascript code via the "navigationtitle" parameter and the "title" parameter in /private/en/pages/add...

6.1CVSS6.2AI score0.00844EPSS
Exploits0References2
Veracode
Veracode
added 2021/10/26 1:36 p.m.16 views

Cross-site Scripting (XSS)

forkcms/forkcms is vulnerable to cross-site scripting attacks. The vulnerability exists because the 'Displayname' input field in 'Profiles' module is not properly encoded, which allows a malicious attacker to inject and execute arbitrary javascript...

5.4CVSS3.2AI score0.00576EPSS
Exploits1References3Affected Software1
CNVD
CNVD
added 2021/10/26 12:0 a.m.11 views

Fork CMS Cross-Site Scripting Vulnerability (CNVD-2021-83552)

Fork CMS is an open source content management system CMS developed using PHP. The system contains blogs , questions and answers , forms and other modules . A cross-site scripting vulnerability exists in Fork CMS Content Management System version 5.8.0, which can be exploited by an attacker to...

5.4CVSS5.4AI score0.00576EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2021/10/25 7:43 p.m.37 views

Cross-site scripting in forkcms

Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the Displayname field when using the Add, Edit or Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML...

5.4CVSS5.4AI score0.00576EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/10/25 7:43 p.m.15 views

GHSA-3374-7H99-XR85 Cross-site scripting in forkcms

Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the Displayname field when using the Add, Edit or Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML...

5.4CVSS5.3AI score0.00576EPSS
Exploits1References4
NVD
NVD
added 2021/10/22 8:15 p.m.27 views

CVE-2020-23049

Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the Displayname field when using the Add, Edit or Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML...

5.4CVSS0.00576EPSS
Exploits1References1
OSV
OSV
added 2021/10/22 8:15 p.m.14 views

CVE-2020-23049

Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the Displayname field when using the Add, Edit or Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML...

5.4CVSS6.2AI score
Exploits0References1
Prion
Prion
added 2021/10/22 8:15 p.m.18 views

Cross site scripting

Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the Displayname field when using the Add, Edit or Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML...

3.5CVSS5.4AI score0.00576EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2021/10/22 7:20 p.m.67 views

CVE-2020-23049

Fork CMS Content Management System v5.8.0 is affected by a cross-site scripting (XSS) vulnerability in the Displayname field when using Add, Edit, or Register. The root cause is improper encoding/input handling of the Displayname field, enabling attackers to inject and execute arbitrary web scrip...

5.4CVSS5.3AI score0.00576EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2021/10/22 7:20 p.m.30 views

CVE-2020-23049

Fork CMS Content Management System v5.8.0 was discovered to contain a cross-site scripting XSS vulnerability in the Displayname field when using the Add, Edit or Register' functions. This vulnerability allows attackers to execute arbitrary web scripts or HTML...

5.4AI score0.00576EPSS
Exploits1References1
CNNVD
CNNVD
added 2021/10/22 12:0 a.m.5 views

Fork CMS 跨站脚本漏洞

Fork CMS is an open source content management system CMS developed using PHP. The system contains blogs , questions and answers , forms and other modules . A cross-site scripting vulnerability exists in Fork CMS Content Management System version 5.8.0, which can be exploited by an attacker to...

5.4CVSS5.5AI score0.00576EPSS
Exploits1References2
Github Security Blog
Github Security Blog
added 2021/09/08 5:26 p.m.44 views

Arbitrary file upload in Fork CMS

Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel...

8.8CVSS5.3AI score0.0121EPSS
Exploits0References5Affected Software1
OSV
OSV
added 2021/09/08 5:26 p.m.16 views

GHSA-748F-WV76-X9HG Arbitrary file upload in Fork CMS

Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel...

8.8CVSS8.5AI score0.0121EPSS
Exploits0References4
CNVD
CNVD
added 2021/07/08 12:0 a.m.4 views

Fork CMS Arbitrary File Upload Vulnerability

Fork CMS is an open source content management system CMS developed using PHP. The system contains blogs , questions and answers , forms and other modules . Fork CMS has an arbitrary file upload vulnerability that can be exploited to create or replace arbitrary files in the themes directory with...

8.8CVSS6.9AI score0.0121EPSS
Exploits0References1
OSV
OSV
added 2021/07/07 3:15 p.m.15 views

CVE-2021-28931

Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel...

8.8CVSS6.9AI score
Exploits0References2
NVD
NVD
added 2021/07/07 3:15 p.m.21 views

CVE-2021-28931

Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel...

8.8CVSS0.0121EPSS
Exploits0References2
Prion
Prion
added 2021/07/07 3:15 p.m.13 views

Design/Logic Flaw

Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel...

6.5CVSS8.5AI score0.0121EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder