Shivamking05675

Name of the Vulnerable Software and Affected Versions: Subrion CMS version 4.2.1 Description: An issue was discovered that allows authenticated administrators or moderators with access to the built-in Run SQL Query feature under the SQL Tool admin panel to gain escalated privileges in the context of the SQL query tool. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Feehi CMS version 2.1.1 **Description** A stored cross-site scripting (XSS) issue exists in the `/index.php?r=site%2Fsignup` endpoint of Feehi CMS, allowing attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the `username` field. **Recommendations** For Feehi CMS version 2.1.1, update to a version that fixes this issue, as the current version allows for the execution of arbitrary web scripts or HTML. At the moment, there is no information about a newer version that contains a fix for this vulnerability.