Hongcms@3.0.0 Security Vulnerabilities and Issues — Hongcms@3.0.0 CVE List

Lucene search

Hongcms ProjectHongcms3.0.0

2 matches found

CVE•added 2023/06/20 3:15 p.m.•38 views

CVE-2020-21252

Cross Site Request Forgery vulnerability in Neeke HongCMS 3.0.0 allows a remote attacker to execute arbitrary code and escalate privileges via the updateusers parameter.

8.8CVSS9AI score0.00631EPSS

CVE•added 2023/04/28 8:15 p.m.•34 views

CVE-2020-21643

Cross Site Scripting (XSS) vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop.

6.1CVSS6AI score0.00071EPSS