Lucene search
K

167 matches found

NVD
NVD
added 2026/06/29 9:16 a.m.9 views

CVE-2026-13546

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could b...

7.5CVSS0.00383EPSS
Exploits0References5
NVD
NVD
added 2026/06/29 7:16 a.m.8 views

CVE-2026-13544

A flaw has been found in Feehi CMS up to 2.1.1. Affected by this issue is some unknown functionality of the file /api/users of the component API. This manipulation causes improper access controls. The attack can be initiated remotely. The exploit has been published and may be used. The project wa...

6.5CVSS0.00214EPSS
Exploits0References8
EUVD
EUVD
added 2026/06/29 7:15 a.m.7 views

EUVD-2026-40046

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could b...

7.5CVSS6.7AI score0.00383EPSS
Exploits0References5
CVE
CVE
added 2026/06/29 7:15 a.m.14 views

CVE-2026-13546

CVE-2026-13546 affects Feehi CMS up to version 2.1.1. The vulnerability targets the REST API Endpoint, specifically the unknown code in the file /api/articles, where manipulation results in missing authentication. Attack would be remote, and the exploit has been made public. The project was infor...

7.5CVSS6.7AI score0.00383EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/29 7:15 a.m.6 views

CVE-2026-13546

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could b...

7.5CVSS5.5AI score0.00383EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2026/06/29 7:15 a.m.32 views

CVE-2026-13546 Feehi CMS REST API Endpoint articles missing authentication

A vulnerability was found in Feehi CMS up to 2.1.1. This vulnerability affects unknown code of the file /api/articles of the component REST API Endpoint. Performing a manipulation results in missing authentication. The attack may be initiated remotely. The exploit has been made public and could b...

7.5CVSS0.00383EPSS
Exploits0References5
ATTACKERKB
ATTACKERKB
added 2026/06/29 6:45 a.m.8 views

CVE-2026-13544

A flaw has been found in Feehi CMS up to 2.1.1. Affected by this issue is some unknown functionality of the file /api/users of the component API. This manipulation causes improper access controls. The attack can be initiated remotely. The exploit has been published and may be used. The project wa...

6.5CVSS6.2AI score0.00214EPSS
Exploits0References8Affected Software1
CVE
CVE
added 2026/06/29 6:45 a.m.21 views

CVE-2026-13544

The CVE refers to Feehi CMS (up to version 2.1.1) with an issue in the API component, specifically the /api/users endpoint. The flaw allows manipulation that leads to improper access controls, enabling remote initiation of an attack. Public exploit appears to be available, and the vendor/maintain...

6.5CVSS6.2AI score0.00214EPSS
Exploits0References8
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.11 views

CVE-2026-31351

An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter...

4.8CVSS6AI score0.00181EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.8 views

CVE-2026-31350

An authenticated stored cross-site scripting XSS vulnerability in Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Page Sign parameter...

5.4CVSS6AI score0.00169EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.4 views

CVE-2026-31313

An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Content field...

5.4CVSS6AI score0.00133EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.10 views

CVE-2026-31352

An authenticated stored cross-site scripting XSS vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Role Name parameter...

5.4CVSS6AI score0.00211EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/04/07 5:12 a.m.10 views

CVE-2026-31353

An authenticated stored cross-site scripting XSS vulnerability in the Category module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Name parameter...

5.4CVSS6AI score0.00169EPSS
Exploits1References1
Github Security Blog
Github Security Blog
added 2026/04/06 6:33 p.m.3 views

Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the creation/editing module

An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Content field...

5.4CVSS6AI score0.00133EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/04/06 6:33 p.m.5 views

EUVD-2026-19340

An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Content field...

6AI score0.00133EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/06 6:33 p.m.4 views

Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the Page Sign parameter

An authenticated stored cross-site scripting XSS vulnerability in Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Page Sign parameter...

5.4CVSS6AI score0.00169EPSS
Exploits1References4Affected Software1
Github Security Blog
Github Security Blog
added 2026/04/06 6:33 p.m.3 views

Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the creation/editing module

An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter...

4.8CVSS6AI score0.00181EPSS
Exploits1References4Affected Software1
EUVD
EUVD
added 2026/04/06 6:33 p.m.3 views

EUVD-2026-19341

An authenticated stored cross-site scripting XSS vulnerability in Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Page Sign parameter...

6AI score0.00169EPSS
Exploits1References3
EUVD
EUVD
added 2026/04/06 6:33 p.m.4 views

EUVD-2026-19275

An authenticated stored cross-site scripting XSS vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Title parameter...

4.8CVSS6AI score0.00181EPSS
Exploits1References3
Github Security Blog
Github Security Blog
added 2026/04/06 6:33 p.m.5 views

Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the Role Management module

An authenticated stored cross-site scripting XSS vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Role Name parameter...

5.4CVSS6AI score0.00211EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder