Vulnerabilities > Fork CMS > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-08-26 | CVE-2019-15521 | Deserialization of Untrusted Data vulnerability in multiple products Spoon Library through 2014-02-06, as used in Fork CMS before 1.4.1 and other products, allows PHP object injection via a cookie containing an object. | 7.5 |
| 2015-02-06 | CVE-2015-1467 | SQL Injection vulnerability in Fork-Cms Fork CMS Multiple SQL injection vulnerabilities in Translations in Fork CMS before 3.8.6 allow remote authenticated users to execute arbitrary SQL commands via the (1) language[] or (2) type[] parameter to private/en/locale/index. | 7.5 |