Vulnerabilities > Hkcms
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-11-20 | CVE-2024-52677 | Unrestricted Upload of File with Dangerous Type vulnerability in Hkcms 2.3.0.230709 HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common/library/Upload.php. | 9.8 |
2023-09-11 | CVE-2023-40786 | Cross-site Scripting vulnerability in Hkcms 2.3.0.230709 HKcms v2.3.0.230709 is vulnerable to Cross Site Scripting (XSS) allowing administrator cookies to be stolen. | 5.4 |