CVE-2023-1565

A vulnerability was found in FeiFeiCMS 2.7.130201. It has been classified as problematic. This affects an unknown part of the file \Public\system\slideadd.html of the component Extension Tool. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. The...

CVE-2020-18418

A Cross site request forgery CSRF vulnerability was discovered in FeiFeiCMS v4.1.190209, which allows attackers to create administrator accounts via /index.php?s=Admin-Admin-Insert...

Catalog Traversal Vulnerability in FeiFeiCms v4.1

FeiFeiCms is a PHP movie program. FeiFeiCms v4.1 suffers from a directory traversal vulnerability, which stems from failing to filter the input of . / filter, an attacker can use this vulnerability to traverse the directory and obtain sensitive information...

Storage-based Cross-site Scripting Vulnerability in the Frontend of Feifei Movie Navigation System

FeiFeiCms is developed by PHP+Mysql technology and can run on windows and Linux system platform. A stored cross-site scripting vulnerability exists in the frontend of FeiFeiCms. Attackers can insert malicious js code into the page to obtain user cookies and other information, resulting in user...

CVE-2019-8412

FeiFeiCms 4.0.181010 on Windows allows remote attackers to read or delete arbitrary files via index.php?s=Admin-Data-Down-id-..\ or index.php?s=Admin-Data-Del-id-..\ directory traversal...

Arbitrary File Deletion Vulnerability in Feifei Movie Navigation System

FeiFei Film and TV Navigation System FeiFeiCms is a free and open source PHP movie program. FeiFeiCms is vulnerable to arbitrary file deletion. An attacker can exploit the vulnerability to delete arbitrary files...

Command Execution Vulnerability in Feifei Movie Navigation System

FeiFei Film and TV Navigation System FeiFeiCms is a free and open source PHP movie program. A command execution vulnerability exists in FeiFeiCms. An attacker can exploit the vulnerability to execute arbitrary code...