Filtered by vendor Xiaocheng-keji
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-25187 | 1 Xiaocheng-keji | 1 71cms | 2025-06-10 | N/A | 8.6 HIGH |
|
Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated attackers to obtain sensitive information via getweather.html.
|
|||||
| CVE-2024-25166 | 1 Xiaocheng-keji | 1 71cms | 2025-05-23 | N/A | 6.1 MEDIUM |
|
Cross Site Scripting vulnerability in 71CMS v.1.0.0 allows a remote attacker to execute arbitrary code via the uploadfile action parameter in the controller.php file.
|
|||||