Critical severity9.8NVD Advisory· Published May 18, 2021· Updated Jun 17, 2026
CVE-2020-18178
CVE-2020-18178
Description
Path Traversal in HongCMS v4.0.0 allows remote attackers to view, edit, and delete arbitrary files via a crafted POST request to the component "/hcms/admin/index.php/language/ajax."
Affected products
2- HongCMS/HongCMSdescription
Patches
Vulnerability mechanics
References
1- github.com/Neeke/HongCMS/issues/11nvdExploitIssue TrackingThird Party Advisory
News mentions
0No linked articles in our index yet.