Vulnerabilities > Hongcms Project > Hongcms > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-04-28 CVE-2020-21643 Cross-site Scripting vulnerability in Hongcms Project Hongcms 3.0.0
Cross Site Scripting (XSS) vulnerability in HongCMS 3.0 allows attackers to run arbitrary code via the callback parameter to /ajax/myshop.
network
low complexity
hongcms-project CWE-79
6.1
2022-07-01 CVE-2022-32411 Unspecified vulnerability in Hongcms Project Hongcms 3.0.0
An issue in the languages config file of HongCMS v3.0 allows attackers to getshell.
network
low complexity
hongcms-project
6.5
2022-07-01 CVE-2022-32412 Unspecified vulnerability in Hongcms Project Hongcms 3.0.0
An issue in the /template/edit component of HongCMS v3.0 allows attackers to getshell.
network
low complexity
hongcms-project
6.5
2022-04-26 CVE-2022-28523 Path Traversal vulnerability in Hongcms Project Hongcms 3.0.0
HongCMS 3.0.0 allows arbitrary file deletion via the component /admin/index.php/template/ajax?action=delete.
network
low complexity
hongcms-project CWE-22
5.5
2021-10-04 CVE-2020-21431 Unspecified vulnerability in Hongcms Project Hongcms 3.0.0
HongCMS v3.0 contains an arbitrary file read and write vulnerability in the component /admin/index.php/template/edit.
network
low complexity
hongcms-project
5.5
2019-10-16 CVE-2019-17611 Cross-site Scripting vulnerability in Hongcms Project Hongcms 3.0.0
HongCMS 3.0.0 has XSS via the install/index.php tableprefix parameter.
4.3
2019-10-16 CVE-2019-17610 Cross-site Scripting vulnerability in Hongcms Project Hongcms 3.0.0
HongCMS 3.0.0 has XSS via the install/index.php dbpassword parameter.
4.3
2019-10-16 CVE-2019-17609 Cross-site Scripting vulnerability in Hongcms Project Hongcms 3.0.0
HongCMS 3.0.0 has XSS via the install/index.php dbusername parameter.
4.3
2019-10-16 CVE-2019-17608 Cross-site Scripting vulnerability in Hongcms Project Hongcms 3.0.0
HongCMS 3.0.0 has XSS via the install/index.php dbname parameter.
4.3
2019-10-16 CVE-2019-17607 Cross-site Scripting vulnerability in Hongcms Project Hongcms 3.0.0
HongCMS 3.0.0 has XSS via the install/index.php servername parameter.
4.3