Vulnerabilities > Feehi > Feehi CMS
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-14 | CVE-2022-38796 | Injection vulnerability in Feehi CMS 2.1.1 A Host Header Injection vulnerability in Feehi CMS 2.1.1 may allow an attacker to spoof a particular header. | 6.1 |
| 2022-07-28 | CVE-2022-34140 | Cross-site Scripting vulnerability in Feehi CMS 2.1.1 A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the username field. | 5.4 |
| 2022-07-27 | CVE-2022-34971 | Unrestricted Upload of File with Dangerous Type vulnerability in Feehi CMS 2.1.1 An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file. | 8.8 |
| 2021-05-24 | CVE-2021-30108 | Server-Side Request Forgery (SSRF) vulnerability in Feehi CMS 2.1.1 Feehi CMS 2.1.1 is affected by a Server-side request forgery (SSRF) vulnerability. | 9.1 |
| 2021-01-26 | CVE-2020-22643 | Unrestricted Upload of File with Dangerous Type vulnerability in Feehi CMS 2.1.0 Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. | 7.2 |
| 2021-01-26 | CVE-2020-21146 | Cross-site Scripting vulnerability in Feehi CMS 2.0.8 Feehi CMS 2.0.8 is affected by a cross-site scripting (XSS) vulnerability. | 6.1 |