Tatsumaki002

**Name of the Vulnerable Software and Affected Versions** Feehicms version 2.0.8 **Description** The issue allows a remote attacker to execute arbitrary code via the "/admin/index.php?r=admin-user%2Fupdate-self" component. This is a File Upload vulnerability, which can be exploited by a remote attacker. **Recommendations** For Feehicms version 2.0.8, consider disabling the file upload functionality in the `/admin/index.php?r=admin-user%2Fupdate-self` component until a patch is available. Restrict access to this component to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** FeehiCMS versions 2.0.8 through 2.0.8.1 **Description** The issue is related to an arbitrary file upload vulnerability at the head image upload, allowing attackers to execute relevant PHP code. **Recommendations** For FeehiCMS version 2.0.8, update to a version that fixes the arbitrary file upload vulnerability. For FeehiCMS version 2.0.8.1, update to a version that fixes the arbitrary file upload vulnerability.