Lucene search

Feehicms Security Vulnerabilities

cve

CVE-2020-21174

File Upload vulenrability in liufee CMS v.2.0.7.1 allows a remote attacker to execute arbitrary code via the image suffix...

9.8CVSS

9.6AI Score

0.01EPSS

2023-06-20 03:15 PM

cve

CVE-2020-21489

File Upload vulnerability in Feehicms v.2.0.8 allows a remote attacker to execute arbitrary code via the /admin/index.php?r=admin-user%2Fupdate-self...

9.8CVSS

9.6AI Score

0.01EPSS

2023-06-20 03:15 PM

cve

CVE-2020-36607

Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html...

6.1CVSS

6.1AI Score

0.001EPSS

2022-12-15 07:15 PM

cve

CVE-2022-40001

Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article...

5.4CVSS

5.5AI Score

0.001EPSS

2022-12-15 07:15 PM

cve

CVE-2020-20589

Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html...

6.1CVSS

6.1AI Score

0.001EPSS

2022-12-15 07:15 PM

cve

CVE-2022-40373

Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 allows remote attackers to run arbitrary code via upload of crafted XML...

5.4CVSS

5.5AI Score

0.001EPSS

2022-12-15 07:15 PM

cve

CVE-2021-36572

Cross Site Scripting (XSS) vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via the user name field of the login...

6.1CVSS

6AI Score

0.001EPSS

2022-12-15 07:15 PM

cve

CVE-2022-40000

Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in...

5.4CVSS

5.5AI Score

0.001EPSS

2022-12-15 07:15 PM

cve

CVE-2021-36573

File Upload vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via crafted image...

5.4CVSS

5.7AI Score

0.001EPSS

2022-12-15 07:15 PM

cve

CVE-2022-40002

Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbirtary code via the callback parameter to...

5.4CVSS

5.4AI Score

0.001EPSS

2022-12-15 07:15 PM

cve

CVE-2022-4014

A vulnerability, which was classified as problematic, has been found in FeehiCMS. Affected by this issue is some unknown functionality of the component Post My Comment Tab. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The identifier of this...

4.3CVSS

4.6AI Score

0.001EPSS

2022-11-16 08:15 AM

cve

CVE-2022-43320

FeehiCMS v2.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the id parameter at...

6.1CVSS

6AI Score

0.001EPSS

2022-11-09 02:15 PM

cve

CVE-2022-40408

FeehiCMS v2.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted payload injected into the Comment box under the Single Page...

5.4CVSS

5.2AI Score

0.001EPSS

2022-09-29 02:15 PM

cve

CVE-2020-21516

There is an arbitrary file upload vulnerability in FeehiCMS 2.0.8 at the head image upload, that allows attackers to execute relevant PHP...

9.8CVSS

9.7AI Score

0.003EPSS

2022-09-06 07:15 PM

cve

CVE-2020-21322

An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP...

9.8CVSS

9.6AI Score

0.003EPSS

2021-09-15 10:15 PM

cve

CVE-2020-19709

Insufficient filtering of the tag parameters in feehicms 0.1.3 allows attackers to execute arbitrary web or HTML via a crafted...

6.1CVSS

6.3AI Score

0.001EPSS

2021-08-26 03:15 AM