2 matches found
PT-2023-11595 · Hongcms · Hongcms
Name of the Vulnerable Software and Affected Versions: HongCMS version 3.0 Description: The issue allows attackers to run arbitrary code via the callback parameter to the "/ajax/myshop" API endpoint. This enables attackers to execute malicious scripts, potentially leading to unauthorized access o...
HongCMS 跨站脚本漏洞
HongCMS is an open source lightweight content management system CMS. A cross-site scripting vulnerability exists in HongCMS version 3.0, which originates from running arbitrary code via the callback parameter of /ajax/myshop. An attacker can exploit this vulnerability to perform a cross-site...