Browse all 7 CVE security advisories affecting ForU. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ForU provides a customer relationship management platform focused on sales automation and client engagement. Historically, the application has been susceptible to multiple remote code execution vulnerabilities, cross-site scripting flaws, and privilege escalation issues, accounting for its seven recorded CVEs. Notable security characteristics include insufficient input validation and inadequate access controls in several components. While no major public security incidents have been widely documented, the consistent pattern of vulnerabilities suggests potential risks for organizations relying on the platform, particularly those failing to implement timely patches and security hardening measures.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-0729 | ForU CMS cms_admin.php sql injection — CMSCWE-89 | 5.5 | Medium | 2024-01-19 |
| CVE-2024-0728 | ForU CMS channel.php file inclusion — CMSCWE-73 | 4.7 | Medium | 2024-01-19 |
| CVE-2024-0426 | ForU CMS cms_template.php sql injection — CMSCWE-89 | 6.3 | Medium | 2024-01-11 |
| CVE-2024-0425 | ForU CMS password recovery — CMSCWE-640 | 5.3 | Medium | 2024-01-11 |
| CVE-2023-5259 | ForU CMS cms_admin.php denial of service — CMSCWE-404 | 2.7 | Low | 2023-09-29 |
| CVE-2023-5221 | ForU CMS index.php code injection — CMSCWE-94 | 4.7 | Medium | 2023-09-27 |
| CVE-2022-3943 | ForU CMS cms_chip.php cross site scripting — CMSCWE-707 | 3.5 | Low | 2022-11-11 |
This page lists every published CVE security advisory associated with ForU. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.