← Back to CVE List
CVE-2020-18178
Path Traversal in HongCMS v4.0.0 allows remote attackers to view, edit, and delete arbitrary files via a crafted POST request to the component "/hcms/admin/index.php/language/ajax."
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt