Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hongcms project hongcms 3.0.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-21252
Cross Site Request Forgery vulnerability in Neeke HongCMS 3.0.0 allows a remote malicious user to execute arbitrary code and escalate privileges via the updateusers parameter.
Hongcms Project Hongcms 3.0.0
490
VMScore
CVE-2020-21431
HongCMS v3.0 contains an arbitrary file read and write vulnerability in the component /admin/index.php/template/edit.
Hongcms Project Hongcms 3.0.0
NA
CVE-2020-21643
Cross Site Scripting (XSS) vulnerability in HongCMS 3.0 allows malicious users to run arbitrary code via the callback parameter to /ajax/myshop.
Hongcms Project Hongcms 3.0.0
605
VMScore
CVE-2018-10265
An issue exists in HongCMS v3.0.0. There is a CSRF vulnerability that can add an administrator account via the admin/index.php/users/save URI.
Hongcms Project Hongcms 3.0.0
312
VMScore
CVE-2018-10422
An issue exists in HongCMS 3.0.0. The post news feature has Stored XSS via the content field.
Hongcms Project Hongcms 3.0.0
490
VMScore
CVE-2019-16867
HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/database/ajax?action=delete, a similar issue to CVE-2018-16774. (If the attacker deletes config.php and visits install/index.php, they can reinstall the product.)
Hongcms Project Hongcms 3.0.0
570
VMScore
CVE-2018-16774
HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/language/ajax?action=delete.
Hongcms Project Hongcms 3.0.0
383
VMScore
CVE-2019-17611
HongCMS 3.0.0 has XSS via the install/index.php tableprefix parameter.
Hongcms Project Hongcms 3.0.0
655
VMScore
CVE-2018-12912
An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI.
Hongcms Project Hongcms 3.0.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4946
CVE-2024-30309
CVE-2024-4761
CVE-2024-30051
type confusion
memory leak
CVE-2024-30293
reflected XSS
CVE-2024-3126
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2