EPSS Percentile: 41.1%
forkcms/forkcms is vulnerable to SQL injection. The ids parameter in the getComments function is not properly sanitized, which allows a malicious user to inject and execute arbitrary SQL queries on the target system.
github.com/forkcms/forkcms/commit/6aca30e10b4181534f73f96d6e2ebeb45ec15069
github.com/forkcms/forkcms/pull/3497
huntr.dev/bounties/2f664985-c5fc-485b-b4fc-4c401be2cf40