CVE-2020-21516

CRITICAL

Feehicms < 2.0.8.1 - Unrestricted File Upload

Title source: rule

Description

There is an arbitrary file upload vulnerability in FeehiCMS 2.0.8 at the head image upload, that allows attackers to execute relevant PHP code.

References (1)

Scores

CVSS v3 9.8
EPSS 0.0043
EPSS Percentile 62.9%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

CWE
CWE-434
Status published
Products (2)
feehi/cms 0 - 2.0.8.1Packagist
feehi/feehicms 2.0.8
Published Sep 06, 2022
Tracked Since Feb 18, 2026