CVE-2015-1467

Name of the Vulnerable Software and Affected Versions Fork CMS versions prior to 3.8.6

Description The issue concerns SQL injection vulnerabilities in the Translations component of Fork CMS. These vulnerabilities allow remote authenticated users to execute arbitrary SQL commands. The vulnerabilities can be exploited via the language[] or type[] parameters.

Recommendations For versions prior to 3.8.6, update to version 3.8.6 or later to resolve the issue. As a temporary workaround, consider restricting access to the Translations component to minimize the risk of exploitation. Avoid using the language[] and type[] parameters in the affected area until the issue is resolved.