Vulnerabilities > Feehi > Feehicms > 2.0.8

DATE CVE VULNERABILITY TITLE RISK
2023-06-20 CVE-2020-21489 Unrestricted Upload of File with Dangerous Type vulnerability in Feehi Feehicms 2.0.8
File Upload vulnerability in Feehicms v.2.0.8 allows a remote attacker to execute arbitrary code via the /admin/index.php?r=admin-user%2Fupdate-self component.
network
low complexity
feehi CWE-434
critical
 9.8
9.8
2022-12-15 CVE-2020-20589 Cross-site Scripting vulnerability in Feehi Feehicms 2.0.8
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag.
network
low complexity
feehi CWE-79
6.1
6.1
2022-12-15 CVE-2020-36607 Cross-site Scripting vulnerability in Feehi Feehicms 2.0.8
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag.
network
low complexity
feehi CWE-79
6.1
6.1