Every CVE whose affected-product data names Xiaocheng-keji 71cms, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2024-25187 — CVSS 8.6 (high): Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated attackers to obtain sensitive information…
CVE-2024-25166 — CVSS 6.1 (medium): Cross Site Scripting vulnerability in 71CMS v.1.0.0 allows a remote attacker to execute arbitrary code via the uploadfile action parameter…