Vulnerabilities > Feifeicms > Critical
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-04-22 | CVE-2020-17564 | Path Traversal vulnerability in Feifeicms 4.0 Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to the " Admin/DataAction.class.php" component. | 9.1 |
| 2021-04-22 | CVE-2020-17563 | Path Traversal vulnerability in Feifeicms 4.0 Path Traversal in FeiFeiCMS v4.0 allows remote attackers to delete arbitrary files by sending a crafted HTTP request to " /index.php?s=/admin-tpl-del&id=". | 9.1 |
| 2019-03-14 | CVE-2019-9825 | Unrestricted Upload of File with Dangerous Type vulnerability in Feifeicms 4.1.190209 FeiFeiCMS 4.1.190209 allows remote attackers to upload and execute arbitrary PHP code by visiting index.php?s=Admin-Index to modify the set of allowable file extensions, as demonstrated by adding php to the default jpg,gif,png,jpeg setting, and then using the "add article" feature. | 9.8 |