Liufee
Products
2- 5 CVEs
- 0 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2020-21174 | Cri | 0.57 | 9.8 | 0.01 | Jun 20, 2023 | File Upload vulenrability in liufee CMS v.2.0.7.1 allows a remote attacker to execute arbitrary code via the image suffix function. | ||
| CVE-2025-65657 | 0.00 | — | 0.00 | Dec 2, 2025 | FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. FeehiCMS version 2.1.1 allows authenticated remote attackers to upload files that the server later executes (or stores in an executable location) without sufficient validation,… | |||
| CVE-2025-63522 | 0.00 | — | 0.00 | Dec 1, 2025 | Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Management function | |||
| CVE-2025-63520 | 0.00 | — | 0.00 | Dec 1, 2025 | Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 via the id parameter of the User Update function (?r=user%2Fupdate). | |||
| CVE-2025-63523 | 0.00 | — | 0.00 | Dec 1, 2025 | FeehiCMS version 2.1.1 fails to enforce server-side immutability for parameters that are presented to clients as "read-only." An authenticated attacker can intercept and modify the parameter in transit and the backend accepts the changes. This can lead to unintended username… |
- risk 0.57cvss 9.8epss 0.01
File Upload vulenrability in liufee CMS v.2.0.7.1 allows a remote attacker to execute arbitrary code via the image suffix function.
- CVE-2025-65657Dec 2, 2025risk 0.00cvss —epss 0.00
FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. FeehiCMS version 2.1.1 allows authenticated remote attackers to upload files that the server later executes (or stores in an executable location) without sufficient validation,…
- CVE-2025-63522Dec 1, 2025risk 0.00cvss —epss 0.00
Reverse Tabnabbing vulnerability in FeehiCMS 2.1.1 in the Comments Management function
- CVE-2025-63520Dec 1, 2025risk 0.00cvss —epss 0.00
Cross Site Scripting (XSS) vulnerability in FeehiCMS 2.1.1 via the id parameter of the User Update function (?r=user%2Fupdate).
- CVE-2025-63523Dec 1, 2025risk 0.00cvss —epss 0.00
FeehiCMS version 2.1.1 fails to enforce server-side immutability for parameters that are presented to clients as "read-only." An authenticated attacker can intercept and modify the parameter in transit and the backend accepts the changes. This can lead to unintended username…