Vulnerabilities > Fork CMS > Fork CMS > 5.9.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-03-25 | CVE-2022-1064 | SQL Injection vulnerability in Fork-Cms Fork CMS SQL injection through marking blog comments on bulk as spam in GitHub repository forkcms/forkcms prior to 5.11.1. | 6.5 |
2022-03-24 | CVE-2022-0153 | SQL Injection vulnerability in Fork-Cms Fork CMS SQL Injection in GitHub repository forkcms/forkcms prior to 5.11.1. | 4.3 |
2022-03-24 | CVE-2022-0145 | Cross-site Scripting vulnerability in Fork-Cms Fork CMS Cross-site Scripting (XSS) - Stored in GitHub repository forkcms/forkcms prior to 5.11.1. | 3.5 |
2021-07-07 | CVE-2021-28931 | Unrestricted Upload of File with Dangerous Type vulnerability in Fork-Cms Fork CMS 5.9.2 Arbitrary file upload vulnerability in Fork CMS 5.9.2 allows attackers to create or replace arbitrary files in the /themes directory via a crafted zip file uploaded to the Themes panel. | 6.5 |