pkg:Packagist/feehi/cms

21 total CVEsCRITICAL4HIGH2MEDIUM14

✅ Check your installed version

All known vulnerabilities

  • CRITICAL9.8CVE-2020-21489Liufee CMS File Upload vulnerability
    from 0, < 2.0.8.1
  • CRITICAL9.8CVE-2020-21174liufee CMS File Upload vulnerability
    from 0, < 2.0.8.1
  • CRITICAL9.8CVE-2020-21516FeehiCMS has an arbitrary file upload vulnerability
    from 0, < 2.0.8.1
  • CRITICAL9.1CVE-2021-30108Server-Side Request Forgery in Feehi CMS
    from 0, <= 2.1.1
  • HIGH8.8CVE-2022-34971Feehi CMS arbitrary code execution via crafted PHP file
    from 0, <= 2.1.1
  • HIGH7.2CVE-2020-22643Feehi CMS arbitrary file upload vulnerability
    from 0, <= 2.1.0-beta
  • MEDIUM6.5CVE-2025-65657FeehiCMS Has a Remote Code Execution via Unrestricted File Upload in Ad Management
    from 0, <= 2.1.1
  • MEDIUM6.3CVE-2024-8296FeehiCMS User[avatar] unrestricted upload
    from 0, <= 2.1.1
  • MEDIUM6.3CVE-2024-8295FeehiCMS BannerForm[img] unrestricted upload
    from 0, <= 2.1.1
  • MEDIUM6.3CVE-2024-8294FeehiCMS file upload vulnerability
    from 0, <= 2.1.1
  • MEDIUM6.1CVE-2022-43320FeehiCMS is vulnerable to Cross-Site Scripting (XSS)
    from 0, <= 2.1.1
  • MEDIUM6.1CVE-2022-38796Feehi CMS host header injection vulnerability
    from 0, <= 2.1.1
  • MEDIUM6.1CVE-2020-21146Feehi CMS vulnerable to Cross-site Scripting in Username Field
    from 0, < 2.0.8.1
  • MEDIUM5.4CVE-2026-31313Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the creation/editing module
  • MEDIUM5.4CVE-2026-31354Feehi CMS has authenticated stored cross-site scripting (XSS) vulnerabilities via the Permissions module
  • MEDIUM5.4CVE-2026-31353Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the Category module
  • MEDIUM5.4CVE-2026-31352Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the Role Management module
  • MEDIUM5.4CVE-2026-31350Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the Page Sign parameter
  • MEDIUM5.4CVE-2022-34140Feehi CMS Cross-site Scripting
    from 0, <= 2.1.1
  • MEDIUM4.8CVE-2026-31351Feehi CMS has an authenticated stored cross-site scripting (XSS) vulnerability via the creation/editing module
  • CVE-2020-21322Arbitrary Code Execution in feehi/cms
    from 0, < 2.0.8.1