CVE-2019-17610

Name of the Vulnerable Software and Affected Versions HongCMS version 3.0.0

Description The issue is related to a security problem where an attacker can inject malicious code. The estimated number of potentially affected devices is not provided. Technical details about exploitation include the dbpassword parameter in the "install/index.php" endpoint.

Recommendations For HongCMS version 3.0.0, update to a version that fixes this issue to prevent exploitation. As a temporary workaround, consider restricting access to the dbpassword parameter in the "install/index.php" endpoint until a patch is available.