PHP Object Injection in ForkCMS Ajax Endpoint (<= v5.8.3): Remote Code Execution
CVE-2020-24036 · HIGH Severity
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
PHP object injection in the Ajax endpoint of the backend in ForkCMS below version 5.8.3 allows an authenticated remote user to execute malicious code.
Learn more about our Cms Pen Testing.