Every CVE whose affected-product data names Feehi Feehi Cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (12)
CVE-2021-30108 — CVSS 9.1 (critical): Feehi CMS 2.1.1 is affected by a Server-side request forgery (SSRF) vulnerability. When the user modifies the HTTP Referer header to any…
CVE-2022-34971 — CVSS 8.8 (high): An arbitrary file upload vulnerability in the Advertising Management module of Feehi CMS v2.1.1 allows attackers to execute arbitrary code…
CVE-2020-22643 — CVSS 7.2 (high): Feehi CMS 2.1.0 is affected by an arbitrary file upload vulnerability, potentially resulting in remote code execution. After an…
CVE-2020-21146 — CVSS 6.1 (medium): Feehi CMS 2.0.8 is affected by a cross-site scripting (XSS) vulnerability. When the user name is inserted as JavaScript code, browsing the…
CVE-2022-38796 — CVSS 6.1 (medium): A Host Header Injection vulnerability in Feehi CMS 2.1.1 may allow an attacker to spoof a particular header. This can be exploited by…
CVE-2026-31353 — CVSS 5.4 (medium): An authenticated stored cross-site scripting (XSS) vulnerability in the Category module of Feehi CMS v2.1.1 allows attackers to execute…
CVE-2026-31354 — CVSS 5.4 (medium): Multiple authenticated stored cross-site scripting (XSS) vulnerabilities in the Permissions module of Feehi CMS v2.1.1 allows attackers to…
CVE-2022-34140 — CVSS 5.4 (medium): A stored cross-site scripting (XSS) vulnerability in /index.php?r=site%2Fsignup of Feehi CMS v2.1.1 allows attackers to execute arbitrary…
CVE-2026-31313 — CVSS 5.4 (medium): An authenticated stored cross-site scripting (XSS) vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to…
CVE-2026-31350 — CVSS 5.4 (medium): An authenticated stored cross-site scripting (XSS) vulnerability in Feehi CMS v2.1.1 allows attackers to execute arbitrary web scripts or…
CVE-2026-31352 — CVSS 5.4 (medium): An authenticated stored cross-site scripting (XSS) vulnerability in the Role Management module of Feehi CMS v2.1.1 allows attackers to…
CVE-2026-31351 — CVSS 4.8 (medium): An authenticated stored cross-site scripting (XSS) vulnerability in the creation/editing module of Feehi CMS v2.1.1 allows attackers to…