PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code.
Metrics
Affected Vendors & Products
References
History
Sun, 05 Jul 2026 00:00:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| References |
|
Status: PUBLISHED
Assigner: mitre
Published: 2021-03-04T12:28:05.000Z
Updated: 2026-07-09T00:10:54.664Z
Reserved: 2020-08-13T00:00:00.000Z
Link: CVE-2020-24036
No data.
Status : Modified
Published: 2021-03-04T13:15:14.907
Modified: 2026-06-17T03:05:11.180
Link: CVE-2020-24036
No data.