Browse all 3 CVE security advisories affecting forkcms. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ForkCMS is an open-source content management system used primarily for building and managing websites. Historically, it has been susceptible to common web vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and access control flaws. The platform currently has three CVEs on record, highlighting ongoing security concerns. While no major public security incidents have been widely documented, the presence of multiple CVEs indicates potential risks for organizations that run the software without proper hardening and regular updates.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2022-1064 | SQL injection through marking blog comments on bulk as spam in forkcms/forkcms — forkcms/forkcms, CWE-89 | 8.8 | - | 2022-03-25 |
| CVE-2022-0153 | SQL Injection in forkcms/forkcms — forkcms/forkcms, CWE-89 | 8.1 | - | 2022-03-24 |
| CVE-2022-0145 | Cross-site Scripting (XSS) - Stored in forkcms/forkcms — forkcms/forkcms, CWE-79 | 5.4 | - | 2022-03-24 |
This page lists every published CVE security advisory associated with forkcms. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.