Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Hkcms Subscribe
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-25761 1 Hkcms 1 Hkcms 2025-04-09 N/A 7.2 HIGH
HkCms v2.3.2.240702 was discovered to contain an arbitrary file write vulnerability in the component Appcenter.php.
CVE-2024-52677 1 Hkcms 1 Hkcms 2025-03-13 N/A 9.8 CRITICAL
HkCms <= v2.3.2.240702 is vulnerable to file upload in the getFileName method in /app/common/library/Upload.php.
CVE-2023-40786 1 Hkcms 1 Hkcms 2024-11-21 N/A 5.4 MEDIUM
HKcms v2.3.0.230709 is vulnerable to Cross Site Scripting (XSS) allowing administrator cookies to be stolen.