159 matches found
Server-Side Request Forgery in Feehi CMS
Feehi CMS 2.1.1 is affected by a Server-side request forgery SSRF vulnerability. When the user modifies the HTTP Referer header to any url, the server can make a request to it...
GHSA-GC45-J3M5-8QFQ Server-Side Request Forgery in Feehi CMS
Feehi CMS 2.1.1 is affected by a Server-side request forgery SSRF vulnerability. When the user modifies the HTTP Referer header to any url, the server can make a request to it...
Server-Side Request Forgery (SSRF)
feehi/cms is vulnerable to server-side request forgery. An attacker is able to modifies the HTTP Referer header and cause the server to make a request to the URL...
CVE-2021-30108
Feehi CMS 2.1.1 is affected by a Server-side request forgery SSRF vulnerability. When the user modifies the HTTP Referer header to any url, the server can make a request to it...
CVE-2021-30108
Feehi CMS 2.1.1 is affected by a Server-side request forgery SSRF vulnerability. When the user modifies the HTTP Referer header to any url, the server can make a request to it...
Server side request forgery (ssrf)
Feehi CMS 2.1.1 is affected by a Server-side request forgery SSRF vulnerability. When the user modifies the HTTP Referer header to any url, the server can make a request to it...
CVE-2021-30108
Feehi CMS 2.1.1 is affected by a Server-Side Request Forgery (SSRF). The vulnerability arises when an attacker modifies the HTTP Referer header to any URL, causing the Feehi CMS server to issue a request to that URL. This is described across multiple sources in the provided set (CVE-2021-30108 an...
CVE-2021-30108
Feehi CMS 2.1.1 is affected by a Server-side request forgery SSRF vulnerability. When the user modifies the HTTP Referer header to any url, the server can make a request to it...
Feehi CMS 代码问题漏洞
FeehiCMS is a Php-based CMS website builder by Liufee Personal Developer. Feehi CMS 2.1.1 suffers from a code issue vulnerability that stems from the server being able to send requests to any url when the user modifies the HTTP Referer header to it...
CVE-2020-21146
Feehi CMS 2.0.8 is affected by a cross-site scripting XSS vulnerability. When the user name is inserted as JavaScript code, browsing the post will trigger the XSS...
CVE-2020-22643
Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files...
CVE-2020-21146
Feehi CMS 2.0.8 is affected by a cross-site scripting XSS vulnerability. When the user name is inserted as JavaScript code, browsing the post will trigger the XSS...
CVE-2020-22643
Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files...
Privilege escalation
Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files...
Cross site scripting
Feehi CMS 2.0.8 is affected by a cross-site scripting XSS vulnerability. When the user name is inserted as JavaScript code, browsing the post will trigger the XSS...
CVE-2020-21146
CVE-2020-21146 affects Feehi CMS 2.0.8 with a cross-site scripting (XSS) vulnerability. The issue is triggered when a user name is inserted as JavaScript code and, upon browsing a post, the XSS can be executed. The provided connected documents confirm the vulnerability and its description across ...
CVE-2020-21146
Feehi CMS 2.0.8 is affected by a cross-site scripting XSS vulnerability. When the user name is inserted as JavaScript code, browsing the post will trigger the XSS...
CVE-2020-22643
Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files...
CVE-2020-22643
Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability that can lead to remote code execution. The issue arises after an administrator logs in and uses the administrator image upload page to upload files, indicating post-auth file upload handling without sufficient validation. The ...