CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Xiaocheng-Keji: Security Vulnerabilities

CVE-2024-25187

Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated attackers to obtain sensitive information via getweather.html.

CVSS Score

8.6

EPSS Score

0.009

Published

2024-04-02

CVE-2024-25166

Cross Site Scripting vulnerability in 71CMS v.1.0.0 allows a remote attacker to execute arbitrary code via the uploadfile action parameter in the controller.php file.

CVSS Score

6.1

EPSS Score

0.002

Published

2024-02-27

Page 1

Vulnerabilities

Vulnerable Software

Xiaocheng-Keji: Security Vulnerabilities

Products

Pricing

Contact Us