pkg:Packagist/feehi/cms

All known vulnerabilities

• CRITICAL9.8CVE-2020-21489Liufee CMS File Upload vulnerability
  from 0, < 2.0.8.1
• CRITICAL9.8CVE-2020-21174liufee CMS File Upload vulnerability
  from 0, < 2.0.8.1
• CRITICAL9.8CVE-2020-21516FeehiCMS has an arbitrary file upload vulnerability
  from 0, < 2.0.8.1
• CRITICAL9.1Server-Side Request Forgery in Feehi CMS
  from 0, <= 2.1.1
• HIGH8.8Feehi CMS arbitrary code execution via crafted PHP file
  from 0, <= 2.1.1
• HIGH7.2Feehi CMS arbitrary file upload vulnerability
  from 0, <= 2.1.0-beta
• MEDIUM6.5FeehiCMS Has a Remote Code Execution via Unrestricted File Upload in Ad Management
  from 0, <= 2.1.1
• MEDIUM6.3FeehiCMS User[avatar] unrestricted upload
  from 0, <= 2.1.1
• MEDIUM6.3FeehiCMS BannerForm[img] unrestricted upload
  from 0, <= 2.1.1
• MEDIUM6.3FeehiCMS file upload vulnerability
  from 0, <= 2.1.1
• MEDIUM6.1FeehiCMS is vulnerable to Cross-Site Scripting (XSS)
  from 0, <= 2.1.1
• MEDIUM6.1Feehi CMS host header injection vulnerability
  from 0, <= 2.1.1
• MEDIUM6.1Feehi CMS vulnerable to Cross-site Scripting in Username Field
  from 0, < 2.0.8.1
• MEDIUM5.4Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the creation/editing module
• MEDIUM5.4Feehi CMS has authenticated stored cross-site scripting (XSS) vulnerabilities via the Permissions module
• MEDIUM5.4Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the Category module
• MEDIUM5.4Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the Role Management module
• MEDIUM5.4Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the Page Sign parameter
• MEDIUM5.4Feehi CMS Cross-site Scripting
  from 0, <= 2.1.1
• MEDIUM4.8Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the creation/editing module
• —Arbitrary Code Execution in feehi/cms
  from 0, < 2.0.8.1