forkcms/forkcms Security Advisories for 5.0.3 (15)
-
[MEDIUM] ForkCMS XSS via `end_date` parameter
PKSA-gzj1-sq51-b9s2 CVE-2022-35590 GHSA-pw4j-r69m-rrr5
Affected version: <5.11.0
Reported by:
GitHub -
[MEDIUM] ForkCMS XSS via `publish_on_time` parameter
PKSA-n4yt-knmn-s8xc CVE-2022-35589 GHSA-q4qv-3x58-rxmh
Affected version: <5.11.0
Reported by:
GitHub -
[MEDIUM] ForkCMS XSS via `publish_on_date` parameter
PKSA-z936-j7mw-h3k3 CVE-2022-35587 GHSA-65wf-qm95-6mhm
Affected version: <5.11.0
Reported by:
GitHub -
[MEDIUM] ForkCMS stored XSS via `start_date` parameter
PKSA-fqv6-v114-nkms CVE-2022-35585 GHSA-9hmc-87h4-w869
Affected version: <5.11.0
Reported by:
GitHub -
[MEDIUM] Fork CMS Cross-site Scripting Vulnerability
PKSA-cs5r-kjhq-8vp8 CVE-2020-13633 GHSA-74gc-hf33-5353
Affected version: <5.8.3
Reported by:
GitHub -
[MEDIUM] Fork CMS XSS Vulnerability
PKSA-2qh7-vcnk-8zjw CVE-2018-5215 GHSA-8fjq-cpr7-cmfp
Affected version: <=5.0.7
Reported by:
GitHub -
[MEDIUM] Fork CMS XSS Vulnerability
PKSA-ggvb-wbqf-wy7m CVE-2018-20682 GHSA-xcmj-xjhg-wvhq
Affected version: <=5.0.6
Reported by:
GitHub -
[HIGH] SQL Injection in Fork CMS
PKSA-wk4s-rmxz-dbgt CVE-2022-1064 GHSA-rr8m-29g8-8cgc
Affected version: <5.11.1
Reported by:
GitHub -
[MEDIUM] Cross-site Scripting in Fork CMS
PKSA-38vq-ycs8-6zr5 CVE-2022-0145 GHSA-qf2g-q4mc-w7rr
Affected version: <5.11.1
Reported by:
GitHub -
[HIGH] SQL Injection in Fork CMS
PKSA-xtsw-1wrv-q72h CVE-2022-0153 GHSA-q863-cchm-c6c6
Affected version: <5.11.1
Reported by:
GitHub -
[MEDIUM] Cross-site scripting in forkcms
PKSA-v3fh-7yw2-qwpw CVE-2020-23263 GHSA-vp4x-94ff-2cmv
Affected version: <5.8.3
Reported by:
GitHub -
[MEDIUM] Cross-site scripting in forkcms
PKSA-wm2t-cgpp-5p1s CVE-2020-23049 GHSA-3374-7h99-xr85
Affected version: <5.8.1
Reported by:
GitHub -
[HIGH] Arbitrary file upload in Fork CMS
PKSA-4qdv-hqd9-sbxk CVE-2021-28931 GHSA-748f-wv76-x9hg
Affected version: <=5.9.2
Reported by:
GitHub -
[HIGH] Cross-Site Request Forgery in forkcms
PKSA-5pzb-z5cj-6h22 CVE-2020-23264 GHSA-82xf-8h9p-c6qj
Affected version: <5.8.2
Reported by:
GitHub -
[HIGH] Cross-Site Request Forgery in ForkCMS
PKSA-8mdn-67z8-xx3f CVE-2020-23960 GHSA-pvgf-mrr4-cw7r
Affected version: <5.8.3
Reported by:
GitHub