Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
hongcms project hongcms 3.0.0 vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2020-21252
Cross Site Request Forgery vulnerability in Neeke HongCMS 3.0.0 allows a remote malicious user to execute arbitrary code and escalate privileges via the updateusers parameter.
Hongcms Project Hongcms 3.0.0
655
VMScore
CVE-2018-12912
An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename= URI.
Hongcms Project Hongcms 3.0.0
1 EDB exploit
801
VMScore
CVE-2018-13021
An issue exists in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload URI.
Hongcms Project Hongcms 3.0.0
490
VMScore
CVE-2019-8407
HongCMS 3.0.0 allows arbitrary file read and write operations via a ../ in the filename parameter to the admin/index.php/language/edit URI.
Hongcms Project Hongcms 3.0.0
383
VMScore
CVE-2019-17607
HongCMS 3.0.0 has XSS via the install/index.php servername parameter.
Hongcms Project Hongcms 3.0.0
490
VMScore
CVE-2020-21431
HongCMS v3.0 contains an arbitrary file read and write vulnerability in the component /admin/index.php/template/edit.
Hongcms Project Hongcms 3.0.0
383
VMScore
CVE-2019-17609
HongCMS 3.0.0 has XSS via the install/index.php dbusername parameter.
Hongcms Project Hongcms 3.0.0
383
VMScore
CVE-2018-12266
system\errors\404.php in HongCMS 3.0.0 has XSS via crafted input that triggers a 404 HTTP status code.
Hongcms Project Hongcms 3.0.0
383
VMScore
CVE-2019-17610
HongCMS 3.0.0 has XSS via the install/index.php dbpassword parameter.
Hongcms Project Hongcms 3.0.0
605
VMScore
CVE-2018-10265
An issue exists in HongCMS v3.0.0. There is a CSRF vulnerability that can add an administrator account via the admin/index.php/users/save URI.
Hongcms Project Hongcms 3.0.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3201
CVE-2024-4779
CVE-2024-35090
CVE-2024-5084
hard-coded
CVE-2024-4985
HTML injection
CVE-2024-33655
local file inclusion
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »