CVE-2020-21643

Cross Site Scripting XSS vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop...

CVE-2020-21643

Cross Site Scripting XSS vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop...

Cross site scripting

Cross Site Scripting XSS vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop...

CVE-2020-21643

HongCMS 3.0 is affected by a Cross Site Scripting (XSS) vulnerability that allows an attacker to run arbitrary code via the callback parameter to /ajax/myshop. Affected component: HongCMS 3.0; root cause: unsanitized callback parameter in the /ajax/myshop endpoint. Impact per sources: XSS with po...

CVE-2020-21643

Cross Site Scripting XSS vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop...

CVE-2022-32411

An issue in the languages config file of HongCMS v3.0 allows attackers to getshell...

CVE-2020-21431

HongCMS v3.0 contains an arbitrary file read and write vulnerability in the component /admin/index.php/template/edit...