Show filters
6 Total Results
Displaying 1-6 of 6
Sort by:
Attacker Value
Unknown

CVE-2022-40373

Disclosure Date: December 15, 2022 (last updated February 24, 2025)
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 allows remote attackers to run arbitrary code via upload of crafted XML file.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-40002

Disclosure Date: December 15, 2022 (last updated February 24, 2025)
Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbirtary code via the callback parameter to /cms/notify.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-40001

Disclosure Date: December 15, 2022 (last updated February 24, 2025)
Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the title field of the create article page.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-40000

Disclosure Date: December 15, 2022 (last updated February 24, 2025)
Cross Site Scripting (XSS) vulnerability in FeehiCMS-2.1.1 allows remote attackers to run arbitrary code via the username field of the admin log in page.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-43320

Disclosure Date: November 09, 2022 (last updated February 24, 2025)
FeehiCMS v2.1.1 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the id parameter at /web/admin/index.php?r=log%2Fview-layer.
Attack Vector: NetworkPrivileges: NoneUser Interaction: Required
0
0
Attacker Value
Unknown

CVE-2022-40408

Disclosure Date: September 29, 2022 (last updated February 24, 2025)
FeehiCMS v2.1.1 was discovered to contain a cross-site scripting (XSS) vulnerability via a crafted payload injected into the Comment box under the Single Page module.
Attack Vector: NetworkPrivileges: LowUser Interaction: Required
0
0