Vulnerability Details CVE-2024-52677
HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common/library/Upload.php.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 46.2%
CVSS Severity
CVSS v3 Score 9.8
Products affected by CVE-2024-52677
-
-
cpe:2.3:a:hkcms:hkcms:2.3.0.230709
-
cpe:2.3:a:hkcms:hkcms:2.3.0.230712
-
cpe:2.3:a:hkcms:hkcms:2.3.0.230726
-
cpe:2.3:a:hkcms:hkcms:2.3.0.230813
-
cpe:2.3:a:hkcms:hkcms:2.3.1.231022
-
cpe:2.3:a:hkcms:hkcms:2.3.1.231120
-
cpe:2.3:a:hkcms:hkcms:2.3.2.240525
-
cpe:2.3:a:hkcms:hkcms:2.3.2.240702