Hongcms Security Vulnerabilities and Issues — Hongcms CVE List

Lucene search

Hongcms ProjectHongcms

3 matches found

CVE•added 2022/04/26 9:15 p.m.•59 views

CVE-2022-28523

HongCMS 3.0.0 allows arbitrary file deletion via the component /admin/index.php/template/ajax?action=delete.

8.1CVSS8AI score0.00423EPSS

CVE•added 2023/06/20 3:15 p.m.•38 views

CVE-2020-21252

Cross Site Request Forgery vulnerability in Neeke HongCMS 3.0.0 allows a remote attacker to execute arbitrary code and escalate privileges via the updateusers parameter.

8.8CVSS9AI score0.00631EPSS

CVE•added 2018/04/22 1:29 a.m.•34 views

CVE-2018-10265

An issue was discovered in HongCMS v3.0.0. There is a CSRF vulnerability that can add an administrator account via the admin/index.php/users/save URI.

8.8CVSS8.6AI score0.00141EPSS