Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hongcms project hongcms 3.0.0 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2018-10265
An issue exists in HongCMS v3.0.0. There is a CSRF vulnerability that can add an administrator account via the admin/index.php/users/save URI.
Hongcms Project Hongcms 3.0.0
8.1
CVSSv3
CVE-2022-28523
HongCMS 3.0.0 allows arbitrary file deletion via the component /admin/index.php/template/ajax?action=delete.
Hongcms Project Hongcms 3.0.0
6.1
CVSSv3
CVE-2019-17611
HongCMS 3.0.0 has XSS via the install/index.php tableprefix parameter.
Hongcms Project Hongcms 3.0.0
4.8
CVSSv3
CVE-2018-10422
An issue exists in HongCMS 3.0.0. The post news feature has Stored XSS via the content field.
Hongcms Project Hongcms 3.0.0
6.1
CVSSv3
CVE-2019-17610
HongCMS 3.0.0 has XSS via the install/index.php dbpassword parameter.
Hongcms Project Hongcms 3.0.0
7.2
CVSSv3
CVE-2022-32412
An issue in the /template/edit component of HongCMS v3.0 allows malicious users to getshell.
Hongcms Project Hongcms 3.0.0
7.5
CVSSv3
CVE-2018-16774
HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/language/ajax?action=delete.
Hongcms Project Hongcms 3.0.0
6.1
CVSSv3
CVE-2019-17607
HongCMS 3.0.0 has XSS via the install/index.php servername parameter.
Hongcms Project Hongcms 3.0.0
6.1
CVSSv3
CVE-2019-17608
HongCMS 3.0.0 has XSS via the install/index.php dbname parameter.
Hongcms Project Hongcms 3.0.0
6.1
CVSSv3
CVE-2019-17609
HongCMS 3.0.0 has XSS via the install/index.php dbusername parameter.
Hongcms Project Hongcms 3.0.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »