Lucene search
K

19 matches found

EUVD
EUVD
added 2025/12/01 3:30 p.m.5 views

EUVD-2025-200003

Cross Site Scripting XSS vulnerability in FeehiCMS 2.1.1 via the id parameter of the User Update function ?r=user%2Fupdate...

6.1CVSS5.5AI score0.00205EPSS
Exploits1References3
EUVD
EUVD
added 2025/12/01 3:30 p.m.4 views

EUVD-2025-200001

FeehiCMS version 2.1.1 fails to enforce server-side immutability for parameters that are presented to clients as "read-only." An authenticated attacker can intercept and modify the parameter in transit and the backend accepts the changes. This can lead to unintended username changes...

6.5CVSS6.3AI score0.0023EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2025/12/01 12:0 a.m.8 views

PT-2025-48452

Cross Site Scripting XSS vulnerability in FeehiCMS 2.1.1 via the id parameter of the User Update function ?r=user%2Fupdate...

6AI score0.00205EPSS
Exploits1References3
OSV
OSV
added 2024/08/29 12:31 p.m.10 views

CVE-2024-8296 FeehiCMS index.php insert unrestricted upload

A vulnerability was found in FeehiCMS up to 2.1.1 and classified as critical. This issue affects the function insert of the file /admin/index.php?r=user%2Fcreate. The manipulation of the argument Useravatar leads to unrestricted upload. The attack may be initiated remotely. The exploit has been...

5.3CVSS6.2AI score0.00756EPSS
Exploits1References6
OSV
OSV
added 2022/12/15 9:30 p.m.13 views

GHSA-8VJP-HFGH-68RJ FeehiCMS Cross Site Scripting vulnerability

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page...

5.4CVSS5.3AI score0.00506EPSS
Exploits1References3
NVD
NVD
added 2022/12/15 7:15 p.m.18 views

CVE-2022-40000

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page...

5.4CVSS0.00506EPSS
Exploits1References1
NVD
NVD
added 2022/12/15 7:15 p.m.17 views

CVE-2022-40001

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page...

5.4CVSS0.00506EPSS
Exploits1References1
NVD
NVD
added 2022/12/15 7:15 p.m.25 views

CVE-2022-40002

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbirtary code via the callback parameter to /cms/notify...

5.4CVSS0.00506EPSS
Exploits1References1
Prion
Prion
added 2022/12/15 7:15 p.m.11 views

Cross site scripting

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page...

4.9CVSS5.5AI score0.00506EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2022/12/15 7:15 p.m.15 views

Cross site scripting

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page...

4.9CVSS5.5AI score0.00506EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2022/12/15 12:0 a.m.21 views

CVE-2022-40001

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page...

5.6AI score0.00506EPSS
Exploits1References1
Cvelist
Cvelist
added 2022/12/15 12:0 a.m.34 views

CVE-2022-40373

Cross Site Scripting XSS vulnerability in FeehiCMS 2.1.1 allows remote attackers to run arbitrary code via upload of crafted XML file...

5.6AI score0.00506EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2022/12/15 12:0 a.m.9 views

CVE-2022-40000

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page...

5.4AI score0.00506EPSS
Exploits1References1
OSV
OSV
added 2022/12/15 12:0 a.m.14 views

CVE-2022-40000

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page...

5.4CVSS5.4AI score0.00506EPSS
Exploits1References3
OSV
OSV
added 2022/12/15 12:0 a.m.15 views

CVE-2022-40002

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbirtary code via the callback parameter to /cms/notify...

5.4CVSS5.3AI score0.00506EPSS
Exploits1References3
CVE
CVE
added 2022/12/15 12:0 a.m.73 views

CVE-2022-40000

CVE-2022-40000 corresponds to a Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1, allowing remote attackers to execute arbitrary code via the username field on the admin login page. Affected product is FeehiCMS 2.1.1; the underlying issue is an XSS flaw in the username input path, with ...

5.4CVSS5.4AI score0.00506EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2022/12/15 12:0 a.m.77 views

CVE-2022-40001

CVE-2022-40001 affects FeehiCMS 2.1.1. The vulnerability is a reflected/stored Cross Site Scripting (XSS) in which an attacker can cause the application to execute arbitrary code through the title field on the create article page. Exploitation details are not elaborated beyond this vector in the ...

5.4CVSS5.4AI score0.00506EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2022/12/15 12:0 a.m.22 views

CVE-2022-40373

Cross Site Scripting XSS vulnerability in FeehiCMS 2.1.1 allows remote attackers to run arbitrary code via upload of crafted XML file...

5.4CVSS5.4AI score0.00506EPSS
Exploits1References3
OSV
OSV
added 2022/12/15 12:0 a.m.14 views

CVE-2022-40001

Cross Site Scripting XSS vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page...

5.4CVSS5.4AI score0.00506EPSS
Exploits1References3
Rows per page
Query Builder