CVE-2019-16867

Name of the Vulnerable Software and Affected Versions HongCMS version 3.0.0

Description The issue allows for arbitrary file deletion by utilizing a ../ in the file parameter to the "admin/index.php/database/ajax" endpoint with the action set to delete. This can be exploited to delete critical files such as config.php, which, upon deletion, allows an attacker to reinstall the product by visiting install/index.php.

Recommendations For HongCMS version 3.0.0, as a temporary workaround, consider restricting access to the admin/index.php/database/ajax endpoint with the action parameter set to delete to minimize the risk of exploitation. Avoid using the file parameter in this endpoint until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.