VulnerableCode Package Details - pkg:composer/forkcms/forkcms@5.8.2

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/forkcms/forkcms@5.8.2

Essentials
History (13)

purl	pkg:composer/forkcms/forkcms@5.8.2

Next non-vulnerable version	5.11.1
Latest non-vulnerable version	5.11.1
Risk

Vulnerabilities affecting this package (11)

Vulnerability	Summary	Fixed by
VCID-3hj7-ythr-yuam Aliases: CVE-2020-23960 GHSA-pvgf-mrr4-cw7r		5.8.3 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-6bst-csr9-nqc5 Aliases: CVE-2022-0153 GHSA-q863-cchm-c6c6	SQL Injection in Fork CMS	5.11.1 Affected by 0 other vulnerabilities.
VCID-8xyp-phxj-87eq Aliases: CVE-2020-23263 GHSA-vp4x-94ff-2cmv	Cross-site scripting in forkcms	5.8.3 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-9s32-dkgr-tyb4 Aliases: CVE-2022-35590 GHSA-pw4j-r69m-rrr5	ForkCMS XSS via `end_date` parameter	5.11.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-a5ur-bdkw-v7cp Aliases: CVE-2022-0145 GHSA-qf2g-q4mc-w7rr	Cross-site Scripting in Fork CMS	5.11.1 Affected by 0 other vulnerabilities.
VCID-a85x-t9uk-2kg8 Aliases: CVE-2022-35585 GHSA-9hmc-87h4-w869	ForkCMS stored XSS via `start_date` parameter	5.11.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-e6wj-8fte-hqds Aliases: CVE-2022-35587 GHSA-65wf-qm95-6mhm	ForkCMS XSS via `publish_on_date` parameter	5.11.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-fcqm-mep8-vqdr Aliases: CVE-2021-28931 GHSA-748f-wv76-x9hg		5.9.3 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-h6yg-1d43-yycc Aliases: CVE-2022-1064 GHSA-rr8m-29g8-8cgc	SQL Injection in Fork CMS	5.11.1 Affected by 0 other vulnerabilities.
VCID-pzmp-qkwq-kbad Aliases: CVE-2020-13633 GHSA-74gc-hf33-5353		5.8.3 Affected by 8 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-vrms-fwp5-w3e9 Aliases: CVE-2022-35589 GHSA-q4qv-3x58-rxmh	ForkCMS XSS via `publish_on_time` parameter	5.11.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (1)

Vulnerability	Summary	Aliases
VCID-ha8d-wb4r-6fc2		CVE-2020-23264 GHSA-82xf-8h9p-c6qj

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T18:29:42.495492+00:00	GitLab Importer	Affected by	VCID-e6wj-8fte-hqds	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-35587.yml	38.6.0
2026-06-12T18:29:42.022896+00:00	GitLab Importer	Affected by	VCID-vrms-fwp5-w3e9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-35589.yml	38.6.0
2026-06-12T18:29:41.545488+00:00	GitLab Importer	Affected by	VCID-a85x-t9uk-2kg8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-35585.yml	38.6.0
2026-06-12T18:29:41.045356+00:00	GitLab Importer	Affected by	VCID-9s32-dkgr-tyb4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-35590.yml	38.6.0
2026-06-12T18:16:54.702866+00:00	GitLab Importer	Affected by	VCID-pzmp-qkwq-kbad	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2020-13633.yml	38.6.0
2026-06-12T18:03:24.152487+00:00	GitLab Importer	Affected by	VCID-h6yg-1d43-yycc	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-1064.yml	38.6.0
2026-06-12T18:03:20.403792+00:00	GitLab Importer	Affected by	VCID-a5ur-bdkw-v7cp	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-0145.yml	38.6.0
2026-06-12T18:03:18.531506+00:00	GitLab Importer	Affected by	VCID-6bst-csr9-nqc5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-0153.yml	38.6.0
2026-06-12T17:59:16.967611+00:00	GitLab Importer	Affected by	VCID-8xyp-phxj-87eq	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2020-23263.yml	38.6.0
2026-06-12T17:47:51.069073+00:00	GitLab Importer	Affected by	VCID-fcqm-mep8-vqdr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2021-28931.yml	38.6.0
2026-06-12T17:43:26.187473+00:00	GitLab Importer	Fixing	VCID-ha8d-wb4r-6fc2	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2020-23264.yml	38.6.0
2026-06-12T17:38:43.486426+00:00	GitLab Importer	Affected by	VCID-3hj7-ythr-yuam	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2020-23960.yml	38.6.0
2026-06-12T08:06:06.153533+00:00	GithubOSV Importer	Fixing	VCID-ha8d-wb4r-6fc2	https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2021/06/GHSA-82xf-8h9p-c6qj/GHSA-82xf-8h9p-c6qj.json	38.6.0