EUVD-2022-6693

Malicious code in bioql PyPI...

EUVD-2022-2721

Malicious code in bioql PyPI...

EUVD-2022-5305

Malicious code in bioql PyPI...

EUVD-2022-6367

Malicious code in bioql PyPI...

EUVD-2022-6204

Malicious code in bioql PyPI...

CVE-2022-40408

FeehiCMS v2.1.1 was discovered to contain a cross-site scripting XSS vulnerability via a crafted payload injected into the Comment box under the Single Page module...

CVE-2022-40373

Cross Site Scripting XSS vulnerability in FeehiCMS 2.1.1 allows remote attackers to run arbitrary code via upload of crafted XML file...

CVE-2022-40001

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page...

CVE-2022-38796

A Host Header Injection vulnerability in Feehi CMS 2.1.1 may allow an attacker to spoof a particular header. This can be exploited by abusing password reset emails...

CVE-2022-34971

An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2022-34140

A stored cross-site scripting XSS vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username field...

CVE-2021-36573

File Upload vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via crafted image upload...

CVE-2021-36572

Cross Site Scripting XSS vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via the user name field of the login page...

CVE-2020-22643

Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files...

CVE-2020-21322

An arbitrary file upload vulnerability in Feehi CMS v2.0.8 and below allows attackers to execute arbitrary code via a crafted PHP file...

CVE-2020-21146

Feehi CMS 2.0.8 is affected by a cross-site scripting XSS vulnerability. When the user name is inserted as JavaScript code, browsing the post will trigger the XSS...

FeehiCMS 代码问题漏洞

FeehiCMS is a Php based CMS website builder by Liufee personal developer. A code issue vulnerability exists in FeehiCMS version 2.1.1 and prior versions, which originates from an unverified file upload vulnerability in the FriendlyLinkimage parameter of the /admin/index.php?r=friendly-link%2Fupda...

FeehiCMS 代码问题漏洞

FeehiCMS is a content management system CMS based on the Yii2 framework, aiming to provide Yii2 enthusiasts with a full-featured CMS system so that developers can focus more on the development of business functions. A security vulnerability exists in FeehiCMS. The vulnerability is related to the...

PT-2024-38922 · Feehicms · Feehicms

Name of the Vulnerable Software and Affected Versions: FeehiCMS versions up to 2.1.1 Description: A critical issue has been found in FeehiCMS, affecting the createBanner function of the file /admin/index.php?r=banner%2Fbanner-create. The manipulation of the argument BannerFormimg leads to...

Arbitrary Code Execution

feehi/cms is vulnerable to Arbitrary Code Execution. The vulnerability exists due to a lack of validation in the image suffix function, which allows an attacker to execute malicious code into the system...