Total
2 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-25187 | 1 Xiaocheng-keji | 1 71cms | 2025-06-10 | N/A | 8.6 HIGH |
Server Side Request Forgery (SSRF) vulnerability in 71cms v1.0.0, allows remote unauthenticated attackers to obtain sensitive information via getweather.html. | |||||
CVE-2024-25166 | 1 Xiaocheng-keji | 1 71cms | 2025-05-23 | N/A | 6.1 MEDIUM |
Cross Site Scripting vulnerability in 71CMS v.1.0.0 allows a remote attacker to execute arbitrary code via the uploadfile action parameter in the controller.php file. |