159 matches found
CVE-2022-34140
CVE-2022-34140 describes a stored Cross‑Site Scripting (XSS) vulnerability in Feehi CMS v2.1.1, exploitable via the username field during signup at /index.php?r=site%2Fsignup. Multiple connected sources (Exploit DB and PacketStorm) provide PoCs showing XSS payloads that trigger on sign‑up or logi...
CVE-2022-34971
An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-34971
An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-34971
An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2022-34971
CVE-2022-34971 describes an arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1. The root cause is insufficient validation of uploaded files, allowing a crafted PHP file to be uploaded and executed, enabling remote code execution. The severity is high (CVS...
PT-2022-22467 · Feehicms · Feehicms
Name of the Vulnerable Software and Affected Versions: Feehi CMS version 2.1.1 Description: An arbitrary file upload vulnerability in the Advertising Management module allows attackers to execute arbitrary code via a crafted PHP file. Recommendations: For Feehi CMS version 2.1.1, consider disabli...
PT-2022-22021 · Feehicms · Feehicms
Name of the Vulnerable Software and Affected Versions: Feehi CMS version 2.1.1 Description: A stored cross-site scripting XSS issue exists in the /index.php?r=site%2Fsignup endpoint of Feehi CMS, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the...
FeehiCMS 跨站脚本漏洞
FeehiCMS is a Php-based CMS website builder by Liufee Personal Developer. A security vulnerability exists in FeehiCMS version v2.1.1, which originates from a vulnerability that allows attackers to execute arbitrary web script or HTML by injecting a payload into the username field...
GHSA-V762-47VH-J7Q3 Feehi CMS vulnerable to Cross-site Scripting in Username Field
Feehi CMS 2.0.8 is affected by a cross-site scripting XSS vulnerability. When the user name is inserted as JavaScript code, browsing the post will trigger the XSS...
Feehi CMS vulnerable to Cross-site Scripting in Username Field
Feehi CMS 2.0.8 is affected by a cross-site scripting XSS vulnerability. When the user name is inserted as JavaScript code, browsing the post will trigger the XSS...
GHSA-65X8-9VGM-5FG5 Feehi CMS arbitrary file upload vulnerability
Feehi CMS 2.1.0-beta is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files...
Feehi CMS arbitrary file upload vulnerability
Feehi CMS 2.1.0-beta is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files...
Feehi CMS Remote Code Execution (CVE-2020-21322)
A remote code execution vulnerability exists in Feehi CMS. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...
GHSA-RF3W-29H3-R636 Arbitrary Code Execution in feehi/cms
An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file...
Arbitrary Code Execution in feehi/cms
An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2020-21322
An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2020-21322
An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file...
Design/Logic Flaw
An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2020-21322
An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file...
CVE-2020-21322
CVE-2020-21322 is an arbitrary file upload vulnerability in Feehi CMS v2.0.8 and earlier that allows an attacker to execute arbitrary PHP code via a crafted file. Affected: Feehi CMS (PHP-based). Root cause: improper handling of uploaded files enabling code execution. Impact: remote code executio...