Every CVE whose affected-product data names Forget Heart Message Box Project Forget Heart Message Box, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-24241 — CVSS 9.8 (critical): Forget Heart Message Box v1.1 was discovered to contain a SQL injection vulnerability via the name parameter at /admin/loginpost.php.
CVE-2023-24956 — CVSS 8.8 (high): Forget Heart Message Box v1.1 was discovered to contain a SQL injection vulnerability via the name parameter at /cha.php.