Feehi Feehicms vulnerabilities
24 known vulnerabilities affecting feehi/feehicms.
Total CVEs
24
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL7HIGH1MEDIUM16
Vulnerabilities
Page 2 of 2
CVE-2022-40002P4MEDIUMCVSS 5.4v2.1.12022-12-15
CVE-2022-40002 [MEDIUM] CWE-79 CVE-2022-40002: Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbirtary
Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbirtary code via the callback parameter to /cms/notify.
ghsanvdosv
CVE-2022-40000P4MEDIUMCVSS 5.4v2.1.12022-12-15
CVE-2022-40000 [MEDIUM] CWE-79 CVE-2022-40000: Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary
Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page.
ghsanvdosv
CVE-2022-40408P4MEDIUMCVSS 5.4v2.1.12022-09-29
CVE-2022-40408 [MEDIUM] CWE-79 CVE-2022-40408: FeehiCMS v2.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted p
FeehiCMS v2.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted payload injected into the Comment box under the Single Page module.
ghsanvdosv
CVE-2022-4014P4MEDIUM≥ 0, ≤ 2.0.1.12022-11-16
CVE-2022-4014 [MEDIUM] CWE-352 Cross-Site Request Forgery in feehi/feehicms
Cross-Site Request Forgery in feehi/feehicms
FeehiCMS vulnerable to Cross-Site Request Forgery. Affected by this issue is some unknown functionality of the component Post My Comment Tab. The manipulation leads to cross-site request forgery. The attack may be launched remotely.
ghsaosv
← Previous2 / 2