feehi/cms Security Advisories (21)
-
[MEDIUM] Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the creation/editing module
PKSA-ssrk-53xg-dbbn CVE-2026-31313 GHSA-hj9c-p59c-vqph
Affected version: =2.1.1
Reported by:
GitHub -
[MEDIUM] Feehi CMS has authenticated stored cross-site scripting (XSS) vulnerabilities via the Permissions module
PKSA-rwph-3mr4-xjw2 CVE-2026-31354 GHSA-xqm9-6qmm-xrqh
Affected version: =2.1.1
Reported by:
GitHub -
[MEDIUM] Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the Category module
PKSA-ws91-wc7w-vwjs CVE-2026-31353 GHSA-664p-j3q6-p843
Affected version: =2.1.1
Reported by:
GitHub -
[MEDIUM] Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the Role Management module
PKSA-mqjt-q7xt-ffry CVE-2026-31352 GHSA-hqjc-wfvx-x2fv
Affected version: =2.1.1
Reported by:
GitHub -
[MEDIUM] Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the creation/editing module
PKSA-csfn-tqkm-331b CVE-2026-31351 GHSA-cvjh-88c8-2jjx
Affected version: =2.1.1
Reported by:
GitHub -
[MEDIUM] Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the Page Sign parameter
PKSA-tgmx-kn2c-zmk2 CVE-2026-31350 GHSA-cgxr-v74v-g9mm
Affected version: =2.1.1
Reported by:
GitHub -
[MEDIUM] FeehiCMS Has a Remote Code Execution via Unrestricted File Upload in Ad Management
PKSA-8ccr-c5yg-83p5 CVE-2025-65657 GHSA-mcxq-54f4-mmx5
Affected version: <=2.1.1
Reported by:
GitHub -
[MEDIUM] FeehiCMS User[avatar] unrestricted upload
PKSA-8cd8-f42g-99sp CVE-2024-8296 GHSA-xp68-7g33-f49m
Affected version: <=2.1.1
Reported by:
GitHub -
[MEDIUM] FeehiCMS BannerForm[img] unrestricted upload
PKSA-y4fh-hd65-gg88 CVE-2024-8295 GHSA-3wrg-6mg5-jg2v
Affected version: <=2.1.1
Reported by:
GitHub -
[MEDIUM] FeehiCMS file upload vulnerability
PKSA-5kzz-4k72-td3k CVE-2024-8294 GHSA-xxqw-83c7-r24r
Affected version: <=2.1.1
Reported by:
GitHub -
[CRITICAL] Liufee CMS File Upload vulnerability
PKSA-pkmk-73y1-d6k1 CVE-2020-21489 GHSA-6vf2-mfmr-qqqw
Affected version: <2.0.8.1
Reported by:
GitHub -
[CRITICAL] liufee CMS File Upload vulnerability
PKSA-8cvh-znnt-2mw7 CVE-2020-21174 GHSA-q3q5-qvh5-cmw5
Affected version: <2.0.8.1
Reported by:
GitHub -
[MEDIUM] FeehiCMS is vulnerable to Cross-Site Scripting (XSS)
PKSA-7d83-1f15-m9mg CVE-2022-43320 GHSA-3ppm-fwhm-qqg6
Affected version: <=2.1.1
Reported by:
GitHub -
[MEDIUM] Feehi CMS host header injection vulnerability
PKSA-93nk-r66k-k8jd CVE-2022-38796 GHSA-4r4f-jrvw-h727
Affected version: <=2.1.1
Reported by:
GitHub -
[CRITICAL] FeehiCMS has an arbitrary file upload vulnerability
PKSA-p77z-d5nv-3fyq CVE-2020-21516 GHSA-jj62-mc3m-j769
Affected version: <2.0.8.1
Reported by:
GitHub -
[MEDIUM] Feehi CMS Cross-site Scripting
PKSA-r9q6-4fq5-fvhw CVE-2022-34140 GHSA-25q6-m425-9fqr
Affected version: <=2.1.1
Reported by:
GitHub -
[HIGH] Feehi CMS arbitrary code execution via crafted PHP file
PKSA-2ysr-5yvs-pzx5 CVE-2022-34971 GHSA-jxg9-2ch7-f552
Affected version: <=2.1.1
Reported by:
GitHub -
[MEDIUM] Feehi CMS vulnerable to Cross-site Scripting in Username Field
PKSA-mftk-qq2w-wcfw CVE-2020-21146 GHSA-v762-47vh-j7q3
Affected version: <=2.0.8
Reported by:
GitHub -
[HIGH] Feehi CMS arbitrary file upload vulnerability
PKSA-nqp4-6r7p-84mb CVE-2020-22643 GHSA-65x8-9vgm-5fg5
Affected version: <=2.1.0-beta
Reported by:
GitHub -
[HIGH] Arbitrary Code Execution in feehi/cms
PKSA-j779-ptq1-11j1 CVE-2020-21322 GHSA-rf3w-29h3-r636
Affected version: <=2.0.8
Reported by:
GitHub -
[CRITICAL] Server-Side Request Forgery in Feehi CMS
PKSA-kbwh-x95v-hfh5 CVE-2021-30108 GHSA-gc45-j3m5-8qfq
Affected version: <=2.1.1
Reported by:
GitHub