Shodan
Vulnerabilities
Vulnerable Software
Feehi:  Security Vulnerabilities
CVE-2022-40001
Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-12-15
CVE-2022-40002
Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbirtary code via the callback parameter to /cms/notify.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-12-15
CVE-2022-40373
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 allows remote attackers to run arbitrary code via upload of crafted XML file.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-12-15
CVE-2020-20589
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-12-15
CVE-2020-36607
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.0.8 allows remote attackers to run arbitrary code via tha lang attribute of an html tag.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-12-15
CVE-2021-36572
Cross Site Scripting (XSS) vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via the user name field of the login page.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-12-15
CVE-2021-36573
File Upload vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via crafted image upload.
CVSS Score
5.4
EPSS Score
0.002
Published
2022-12-15
CVE-2022-4014
A vulnerability, which was classified as problematic, has been found in FeehiCMS. Affected by this issue is some unknown functionality of the component Post My Comment Tab. The manipulation leads to cross-site request forgery. The attack may be launched remotely. The identifier of this vulnerability is VDB-213788.
CVSS Score
4.3
EPSS Score
0.001
Published
2022-11-16
CVE-2022-43320
FeehiCMS v2.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the id parameter at /web/admin/index.php?r=log%2Fview-layer.
CVSS Score
6.1
EPSS Score
0.003
Published
2022-11-09
CVE-2022-40408
FeehiCMS v2.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted payload injected into the Comment box under the Single Page module.
CVSS Score
5.4
EPSS Score
0.003
Published
2022-09-29


Products
Pricing
Contact Us

Shodan ® - All rights reserved