ReportizFlow
Filtered by vendor Xiaocheng-keji
Subscriptions
Filtered by product 71cms
Subscriptions
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2024-25187 | 1 Xiaocheng-keji | 1 71cms | 2025-06-10 | 8.6 High |
| Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated attackers to obtain sensitive information via getweather.html. | ||||
| CVE-2024-25166 | 1 Xiaocheng-keji | 1 71cms | 2025-05-23 | 6.1 Medium |
| Cross Site Scripting vulnerability in 71CMS v.1.0.0 allows a remote attacker to execute arbitrary code via the uploadfile action parameter in the controller.php file. | ||||
Page 1 of 1.