CVE-2022-34971
published 2022-07-27CVE-2022-34971: An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP…
PriorityP350high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
0.98%
57.9th percentile
An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| feehi | cms | 0 – 2.1.1 | — |
| feehi | feehi_cms | — | — |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
Feehi CMS arbitrary code execution via crafted PHP file
ghsa·2022-07-28
CVE-2022-34971 [HIGH] CWE-434 Feehi CMS arbitrary code execution via crafted PHP file
Feehi CMS arbitrary code execution via crafted PHP file
An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file.
OSV
Feehi CMS arbitrary code execution via crafted PHP file
osv·2022-07-28
CVE-2022-34971 [HIGH] Feehi CMS arbitrary code execution via crafted PHP file
Feehi CMS arbitrary code execution via crafted PHP file
An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code via a crafted PHP file.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2022-07-27
Published