RSS   Vulnerabilities for 'Feehi cms'   RSS

2021-05-24
 
CVE-2021-30108

CWE-918
 

 
Feehi CMS 2.1.1 is affected by a Server-side request forgery (SSRF) vulnerability. When the user modifies the HTTP Referer header to any url, the server can make a request to it.

 
2021-01-26
 
CVE-2020-22643

CWE-434
 

 
Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files.

 
 
CVE-2020-21146

CWE-79
 

 
Feehi CMS 2.0.8 is affected by a cross-site scripting (XSS) vulnerability. When the user name is inserted as JavaScript code, browsing the post will trigger the XSS.

 

 >>> Vendor: Feehi 2 Products
Feehi cms
Feehicms


Copyright 2024, cxsecurity.com

 

Back to Top