Browse all 3 CVE security advisories affecting FeMiner. AI-powered Chinese analysis, POCs, and references for each vulnerability.
FeMiner is a web vulnerability scanner focused on identifying security flaws in web applications. It primarily targets common vulnerability classes including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation vulnerabilities. The tool has been associated with three CVEs, primarily related to improper input validation and insufficient access controls. While no major security incidents have been publicly documented, FeMiner's scanning capabilities have made it notable in both defensive and offensive security circles. The tool's effectiveness lies in its ability to automate the detection of well-known web vulnerabilities, though users should remain aware of potential false positives and the need for manual verification of findings.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2026-3969 | FeMiner wms Basic Organizational Structure depart_add_bg.php sql injection — wmsCWE-89 | 7.3 | High | 2026-03-12 |
| CVE-2026-1059 | FeMiner wms chkuser.php sql injection — wmsCWE-89 | 7.3 | High | 2026-01-17 |
| CVE-2022-4272 | FeMiner wms unrestricted upload — wmsCWE-266 | 6.3 | Medium | 2022-12-03 |
This page lists every published CVE security advisory associated with FeMiner. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.