VulnerableCode Package Details - pkg:composer/forkcms/forkcms@5.9.1

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:composer/forkcms/forkcms@5.9.1

Essentials
History (8)

purl	pkg:composer/forkcms/forkcms@5.9.1

Next non-vulnerable version	5.11.1
Latest non-vulnerable version	5.11.1
Risk	4.0

Vulnerabilities affecting this package (8)

Vulnerability	Summary	Fixed by
VCID-6bst-csr9-nqc5 Aliases: CVE-2022-0153 GHSA-q863-cchm-c6c6	SQL Injection in Fork CMS	5.11.1 Affected by 0 other vulnerabilities.
VCID-9s32-dkgr-tyb4 Aliases: CVE-2022-35590 GHSA-pw4j-r69m-rrr5	ForkCMS XSS via `end_date` parameter	5.11.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-a5ur-bdkw-v7cp Aliases: CVE-2022-0145 GHSA-qf2g-q4mc-w7rr	Cross-site Scripting in Fork CMS	5.11.1 Affected by 0 other vulnerabilities.
VCID-a85x-t9uk-2kg8 Aliases: CVE-2022-35585 GHSA-9hmc-87h4-w869	ForkCMS stored XSS via `start_date` parameter	5.11.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-e6wj-8fte-hqds Aliases: CVE-2022-35587 GHSA-65wf-qm95-6mhm	ForkCMS XSS via `publish_on_date` parameter	5.11.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-fcqm-mep8-vqdr Aliases: CVE-2021-28931 GHSA-748f-wv76-x9hg		5.9.3 Affected by 7 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}
VCID-h6yg-1d43-yycc Aliases: CVE-2022-1064 GHSA-rr8m-29g8-8cgc	SQL Injection in Fork CMS	5.11.1 Affected by 0 other vulnerabilities.
VCID-vrms-fwp5-w3e9 Aliases: CVE-2022-35589 GHSA-q4qv-3x58-rxmh	ForkCMS XSS via `publish_on_time` parameter	5.11.0 Affected by 3 other vulnerabilities. This version is affected by these other vulnerabilities: {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }} {{ fixed_by_vuln.vulnerability_id }}

Vulnerabilities fixed by this package (0)

Vulnerability	Summary	Aliases
This package is not known to fix vulnerabilities.

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-06-12T18:29:42.507093+00:00	GitLab Importer	Affected by	VCID-e6wj-8fte-hqds	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-35587.yml	38.6.0
2026-06-12T18:29:42.034857+00:00	GitLab Importer	Affected by	VCID-vrms-fwp5-w3e9	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-35589.yml	38.6.0
2026-06-12T18:29:41.557691+00:00	GitLab Importer	Affected by	VCID-a85x-t9uk-2kg8	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-35585.yml	38.6.0
2026-06-12T18:29:41.058355+00:00	GitLab Importer	Affected by	VCID-9s32-dkgr-tyb4	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-35590.yml	38.6.0
2026-06-12T18:03:24.164274+00:00	GitLab Importer	Affected by	VCID-h6yg-1d43-yycc	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-1064.yml	38.6.0
2026-06-12T18:03:20.415812+00:00	GitLab Importer	Affected by	VCID-a5ur-bdkw-v7cp	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-0145.yml	38.6.0
2026-06-12T18:03:18.543668+00:00	GitLab Importer	Affected by	VCID-6bst-csr9-nqc5	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2022-0153.yml	38.6.0
2026-06-12T17:47:51.083456+00:00	GitLab Importer	Affected by	VCID-fcqm-mep8-vqdr	https://gitlab.com/gitlab-org/advisories-community/-/blob/main/packagist/forkcms/forkcms/CVE-2021-28931.yml	38.6.0