CVE-2022-3943 An issue was found in ForU CMS. The function cms_chip.php is vulnerable to cross site scripting. This can be done remotely.

CVE-2022-3943 An issue was found in ForU CMS. The function cms_chip.php is vulnerable to cross site scripting. This can be done remotely.

There is no need to contact ForU support to patch this problem. The update has been released by the developer. Users may check if cms_chip.php has been updated by downloading a copy of the software. Any patch must be applied to the file. It is possible to check the status of the patch. For example, it may be done manually. If it has been applied, there is no need to apply it once again.

To update ForU CMS, visit the Control Panel. Select the option Update. VDB-213450 may be found there.

ForU CMS Vulnerable to SQL Injection

ForU was recently found to be vulnerable to SQL injection. This means that it is possible for a malicious user to execute malicious SQL statements in the system.
The vulnerability has been fixed and a patch has been released by the developer. Users may check if cms_chip.php has been updated by downloading a copy of the software. Any patch must be applied to the file. It is possible to check the status of the patch. For example, it may be done manually. If it has been applied, there is no need to apply it once again.

To update ForU CMS, visit the Control Panel. Select the option Update. VDB-213450 may be found there.

VDB-213450: ForU CMS – Unspecified vulnerability

A vulnerability in the ForU CMS has been discovered. If an attacker is able to pass a specific parameter when accessing your website, they may be able to execute code on your server and take control of it.

References

Subscribe to CVE.news
Don’t miss out on the latest issues. Sign up now to get access to the library of members-only issues.
jamie@example.com
Subscribe