Note:
This project will be discontinued after December 13, 2021. [more]
Product:
71cms
(Xiaocheng\-Keji)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 2 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-04-02 | CVE-2024-25187 | Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated attackers to obtain sensitive information via getweather.html. | 71cms | N/A | ||
| 2024-02-27 | CVE-2024-25166 | Cross Site Scripting vulnerability in 71CMS v.1.0.0 allows a remote attacker to execute arbitrary code via the uploadfile action parameter in the controller.php file. | 71cms | N/A |