VYPR

CMS

by Liufee

Source repositories

CVEs (5)

  • CVE-2020-21174CriJun 20, 2023
    risk 0.57cvss 9.8epss 0.01

    File Upload vulenrability in liufee CMS v.2.0.7.1 allows a remote attacker to execute arbitrary code via the image suffix function.

  • CVE-2025-65657Dec 2, 2025
    risk 0.00cvss epss 0.00

    FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. FeehiCMS version 2.1.1 allows authenticated remote attackers to upload files that the server later executes (or stores in an executable location) without sufficient validation,…

  • CVE-2025-63523Dec 1, 2025
    risk 0.00cvss epss 0.00

    FeehiCMS version 2.1.1 fails to enforce server-side immutability for parameters that are presented to clients as "read-only." An authenticated attacker can intercept and modify the parameter in transit and the backend accepts the changes. This can lead to unintended username…

  • CVE-2025-63522Dec 1, 2025
    risk 0.00cvss epss 0.00

    Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Management function

  • CVE-2025-63520Dec 1, 2025
    risk 0.00cvss epss 0.00

    Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 via the id parameter of the User Update function (?r=user%2Fupdate).