Vulnerability Details CVE-2019-8407
HongCMS 3.0.0 allows arbitrary file read and write operations via a ../ in the filename parameter to the admin/index.php/language/edit URI.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 64.9%
CVSS Severity
CVSS v3 Score 6.5
CVSS v2 Score 5.5
Products affected by CVE-2019-8407
-
cpe:2.3:a:hongcms_project:hongcms:3.0.0