Lucene search
GitHub Advisory DatabaseGHSA-67MH-HW8V-X8V9HistoryDec 15, 2022 - 9:30 p.m.
FeehiCMS Unrestricted Upload vulnerability
2022-12-1521:30:29
CWE-79
CWE-434
GitHub Advisory Database
github.com
15
feehicms
unrestricted upload
file upload
vulnerability
arbitrary code
crafted image
software
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
23.5%
File Upload vulnerability in Feehi CMS thru 2.1.1 allows attackers to run arbitrary code via crafted image upload.
Affected configurations
Node
feehifeehicmsRange≤2.1.1
| CPE | Name | Operator | Version |
|---|---|---|---|
| feehi/feehicms | le | 2.1.1 |
Related
prion
prion
Unrestricted file upload
2022-12-15 19:15:00
osv
osv
FeehiCMS Unrestricted Upload vulnerability
2022-12-15 21:30:29
CVE-2021-36573
2022-12-15 19:15:15
nvd
nvd
CVE-2021-36573
2022-12-15 19:15:15
cve
cve
CVE-2021-36573
2022-12-15 19:15:15
cvelist
cvelist
CVE-2021-36573
2022-12-15 00:00:00
5.4 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
REQUIRED
Scope
CHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
0.001 Low
EPSS
Percentile
23.5%
Related for GHSA-67MH-HW8V-X8V9