feehi

Top products

The 15 most recently published vulnerabilities affecting feehi.

• CVE-2026-31354Multiple authenticated stored cross-site scripting (XSS) vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a craf...5.4Apr 6, 2026
• CVE-2026-31353An authenticated stored cross-site scripting (XSS) vulnerability in the Category module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload...5.4Apr 6, 2026
• CVE-2026-31352An authenticated stored cross-site scripting (XSS) vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted ...5.4Apr 6, 2026
• CVE-2026-31351An authenticated stored cross-site scripting (XSS) vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted...4.8Apr 6, 2026
• CVE-2026-31350An authenticated stored cross-site scripting (XSS) vulnerability in Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the Page Sign par...5.4Apr 6, 2026
• CVE-2026-31313An authenticated stored cross-site scripting (XSS) vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted...5.4Apr 6, 2026
• CVE-2025-15264FeehiCMS TimThumb timthumb.php server-side request forgery7.3Dec 30, 2025
• CVE-2025-65657FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. FeehiCMS version 2.1.1 allows authenticated remote attackers to upload files that the server later ...6.5Dec 2, 2025
• CVE-2025-63523FeehiCMS version 2.1.1 fails to enforce server-side immutability for parameters that are presented to clients as "read-only." An authenticated attacker can intercept and modify the parameter in tra...6.5Dec 1, 2025
• CVE-2025-63522Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Management function4.6Dec 1, 2025
• CVE-2025-63520Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 via the id parameter of the User Update function (?r=user%2Fupdate).6.1Dec 1, 2025
• CVE-2024-8296FeehiCMS index.php insert unrestricted upload6.3Aug 29, 2024
• CVE-2024-8295FeehiCMS index.php createBanner unrestricted upload6.3Aug 29, 2024
• CVE-2024-8294FeehiCMS index.php update unrestricted upload6.3Aug 29, 2024
• CVE-2020-21489File Upload vulnerability in Feehicms v.2.0.8 allows a remote attacker to execute arbitrary code via the /admin/index.php?r=admin-user%2Fupdate-self component.9.8Jun 20, 2023