Lucene search
Shivam Singh1337DAY-ID-37902HistoryAug 09, 2022 - 12:00 a.m.
Feehi CMS 2.1.1 - Stored Cross-Site Scripting Vulnerability
2022-08-0900:00:00
Shivam Singh
0day.today
284
feehi cms
stored cross-site scripting
vulnerability
xss
linux
windows
docker
cve-2022-34140
EPSS
0.002
Percentile
64.7%
# Exploit Title: Feehi CMS 2.1.1 - Stored Cross-Site Scripting (XSS)
# Exploit Author: Shivam Singh
# Vendor Homepage: https://feehi.com/
# Software Link: https://github.com/liufee/cms
#Profile Link: https://www.linkedin.com/in/shivam-singh-3906b0203/
# Version: 2.1.1 (REQUIRED)
# Tested on: Linux, Windows, Docker
# CVE : CVE-2022-34140
# Proof of Concept:
1-Sing-up https://localhost.cms.feehi/
2-Inject The XSS Payload in Username:
"><script>alert(document.cookie)</script> fill all required fields and
click the SignUp button
3-Login to Your Account, Go to any article page then XSS will trigger.
Related
exploitdb
exploitdb
Feehi CMS 2.1.1 - Remote Code Execution (Authenticated)
2022-09-23 00:00:00
Feehi CMS 2.1.1 - Stored Cross-Site Scripting (XSS)
2022-08-09 00:00:00
osv
osv
Feehi CMS Cross-site Scripting
2022-07-29 00:00:47
CVE-2022-34140
2022-07-28 00:15:08
github
github
Feehi CMS Cross-site Scripting
2022-07-29 00:00:47
prion
prion
Cross site scripting
2022-07-28 00:15:00
cvelist
cvelist
CVE-2022-34140
2022-07-27 23:44:01
packetstorm
packetstorm
Feehi CMS 2.1.1 Cross Site Scripting
2022-08-09 00:00:00
Feehi CMS 2.1.1 Remote Code Execution
2022-09-23 00:00:00
nvd
nvd
CVE-2022-34140
2022-07-28 00:15:08
cve
cve
CVE-2022-34140
2022-07-28 00:15:08
zdt
zdt
Feehi CMS 2.1.1 - Remote Code Execution (Authenticated) Vulnerability
2022-09-23 00:00:00