CVE-2020-22643

Published: Jan 26, 2021Modified: Nov 21, 2024

7.2

Vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Exploitability: 1.2 / Impact: 5.9

Source: NVD

Description

Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an administrator logs in, open the administrator image upload page to potentially upload malicious files.

Affected (1)

Products: Feehi: Feehi Cms

Feehi

1 product

Feehi Cms

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Feehi Feehi Cms	Version 2.1.0

Related CWEs

CWE-434

Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

References (2)

https://github.com/liufee/cms/issues/51

Source: cve@mitre.org

ExploitIssue TrackingThird Party Advisory

https://github.com/liufee/cms/issues/51

Source: af854a3a-2127-422b-91ae-364da2661108

ExploitIssue TrackingThird Party Advisory

Timeline

No history available yet.