Fork-cms - Fork Cms CVE

Filtered by vendor Fork-cms Subscribe

Filtered by product Fork Cms

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-24036	1 Fork-cms	1 Fork Cms	2021-07-21	6.5 MEDIUM	8.8 HIGH
PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code.
CVE-2020-23264	1 Fork-cms	1 Fork Cms	2021-05-12	6.8 MEDIUM	8.8 HIGH
Cross-site request forgery (CSRF) in Fork-CMS before 5.8.2 allow remote attackers to hijack the authentication of logged administrators.

Vulnerabilities (CVE)