Filtered by vendor Feehi
Subscriptions
Total
25 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2022-40000 | 1 Feehi | 1 Feehicms | 2024-08-03 | 5.4 Medium |
| Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page. | ||||
| CVE-2022-38796 | 1 Feehi | 1 Feehi Cms | 2024-08-03 | 6.1 Medium |
| A Host Header Injection vulnerability in Feehi CMS 2.1.1 may allow an attacker to spoof a particular header. This can be exploited by abusing password reset emails. | ||||
| CVE-2022-34971 | 1 Feehi | 1 Feehi Cms | 2024-08-03 | 8.8 High |
| An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file. | ||||
| CVE-2022-34140 | 1 Feehi | 1 Feehi Cms | 2024-08-03 | 5.4 Medium |
| A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username field. | ||||
| CVE-2022-4014 | 1 Feehi | 1 Feehicms | 2024-08-03 | 4.3 Medium |
| A vulnerability, which was classified as problematic, has been found in FeehiCMS. Affected by this issue is some unknown functionality of the component Post My Comment Tab. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The identifier of this vulnerability is VDB-213788. | ||||