Vulnerabilities > 74Cms

DATE	CVE	VULNERABILITY TITLE	RISK
2022-10-17	CVE-2022-41471	Unspecified vulnerability in 74Cms 74Cmsse 3.12.0 74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change the rights and credentials of the Super Administrator account. network low complexity 74cms	6.5
2022-10-17	CVE-2022-41472	Cross-site Scripting vulnerability in 74Cms 74Cmsse 3.12.0 74cmsSE v3.12.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /apiadmin/notice/add. network low complexity 74cms CWE-79	5.4
2022-10-17	CVE-2022-42154	Unrestricted Upload of File with Dangerous Type vulnerability in 74Cms 74Cmsse 3.13.0 An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file. network low complexity 74cms CWE-434 critical	9.8
2022-06-23	CVE-2022-32124	Cross-site Scripting vulnerability in 74Cms 74Cmsse 3.5.1 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /index/jobfairol/show/. network 74cms CWE-79	4.3
2022-06-23	CVE-2022-32125	Cross-site Scripting vulnerability in 74Cms 74Cmsse 3.5.1 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /job. network 74cms CWE-79	4.3
2022-06-23	CVE-2022-32126	Cross-site Scripting vulnerability in 74Cms 74Cmsse 3.5.1 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company. network 74cms CWE-79	4.3
2022-06-23	CVE-2022-32127	Cross-site Scripting vulnerability in 74Cms 74Cmsse 3.5.1 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/view_be_browsed/total. network 74cms CWE-79	4.3
2022-06-23	CVE-2022-32128	Cross-site Scripting vulnerability in 74Cms 74Cmsse 3.5.1 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/service/increment/add/im. network 74cms CWE-79	4.3
2022-06-23	CVE-2022-32129	Cross-site Scripting vulnerability in 74Cms 74Cmsse 3.5.1 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/account/safety/trade. network 74cms CWE-79	4.3
2022-06-23	CVE-2022-32130	Cross-site Scripting vulnerability in 74Cms 74Cmsse 3.5.1 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/down_resume/total/nature. network 74cms CWE-79	4.3

Vulnerabilities > 74Cms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"74Cms"}]}

Vulnerabilities > 74Cms