Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline

Hongcms Project Security Vulnerabilities

cve
cve

CVE-2020-21252

Cross Site Request Forgery vulnerability in Neeke HongCMS 3.0.0 allows a remote attacker to execute arbitrary code and escalate privileges via the updateusers...

8.8CVSS

7.9AI Score

0.001EPSS

2023-06-20 03:15 PM
16
cve
cve

CVE-2020-21643

Cross Site Scripting (XSS) vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to...

6.1CVSS

6.6AI Score

0.001EPSS

2023-04-28 08:15 PM
12
cve
cve

CVE-2022-32411

An issue in the languages config file of HongCMS v3.0 allows attackers to...

7.2CVSS

6.9AI Score

0.001EPSS

2022-07-01 10:15 PM
33
4
cve
cve

CVE-2022-32412

An issue in the /template/edit component of HongCMS v3.0 allows attackers to...

7.2CVSS

6.9AI Score

0.001EPSS

2022-07-01 10:15 PM
28
4
cve
cve

CVE-2022-28523

HongCMS 3.0.0 allows arbitrary file deletion via the component...

8.1CVSS

8.1AI Score

0.001EPSS

2022-04-26 09:15 PM
48
cve
cve

CVE-2020-21431

HongCMS v3.0 contains an arbitrary file read and write vulnerability in the component...

6.5CVSS

6.5AI Score

0.001EPSS

2021-10-04 09:15 PM
20
cve
cve

CVE-2020-18178

Path Traversal in HongCMS v4.0.0 allows remote attackers to view, edit, and delete arbitrary files via a crafted POST request to the component...

9.8CVSS

9.2AI Score

0.011EPSS

2021-05-18 07:15 PM
20
2
cve
cve

CVE-2019-17608

HongCMS 3.0.0 has XSS via the install/index.php dbname...

6.1CVSS

6.2AI Score

0.002EPSS

2019-10-16 10:15 PM
69
cve
cve

CVE-2019-17609

HongCMS 3.0.0 has XSS via the install/index.php dbusername...

6.1CVSS

6.2AI Score

0.002EPSS

2019-10-16 10:15 PM
72
cve
cve

CVE-2019-17610

HongCMS 3.0.0 has XSS via the install/index.php dbpassword...

6.1CVSS

6.2AI Score

0.002EPSS

2019-10-16 10:15 PM
82
cve
cve

CVE-2019-17607

HongCMS 3.0.0 has XSS via the install/index.php servername...

6.1CVSS

6.2AI Score

0.002EPSS

2019-10-16 10:15 PM
75
cve
cve

CVE-2019-17611

HongCMS 3.0.0 has XSS via the install/index.php tableprefix...

6.1CVSS

6.2AI Score

0.002EPSS

2019-10-16 10:15 PM
70
cve
cve

CVE-2019-16867

HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to admin/index.php/database/ajax?action=delete, a similar issue to CVE-2018-16774. (If the attacker deletes config.php and visits install/index.php, they can reinstall the...

6.5CVSS

7.5AI Score

0.001EPSS

2019-09-25 12:15 PM
17
cve
cve

CVE-2019-8407

HongCMS 3.0.0 allows arbitrary file read and write operations via a ../ in the filename parameter to the admin/index.php/language/edit...

6.5CVSS

7.3AI Score

0.001EPSS

2019-02-17 06:29 PM
16
cve
cve

CVE-2018-16774

HongCMS 3.0.0 allows arbitrary file deletion via a ../ in the file parameter to...

7.5CVSS

6.5AI Score

0.001EPSS

2018-09-10 04:29 AM
16
cve
cve

CVE-2018-13021

An issue was discovered in HongCMS 3.0.0. There is an Arbitrary Script File Upload issue that can result in PHP code execution via the admin/index.php/template/upload...

7.2CVSS

8.1AI Score

0.001EPSS

2018-06-29 05:29 PM
17
cve
cve

CVE-2018-12912

An issue wan discovered in admin\controllers\database.php in HongCMS 3.0.0. There is a SQL Injection vulnerability via an admin/index.php/database/operate?dbaction=emptytable&tablename=...

7.2CVSS

7.3AI Score

0.002EPSS

2018-06-27 06:29 PM
34
cve
cve

CVE-2018-12266

system\errors\404.php in HongCMS 3.0.0 has XSS via crafted input that triggers a 404 HTTP status...

6.1CVSS

6.2AI Score

0.001EPSS

2018-06-13 11:29 AM
19