Vulnerabilities > 74Cms

DATE CVE VULNERABILITY TITLE RISK
2022-06-23 CVE-2022-32131 Cross-site Scripting vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /index/notice/show.
network
low complexity
74cms CWE-79
6.1
2022-06-23 CVE-2022-33092 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index.
network
low complexity
74cms CWE-89
7.5
2022-06-23 CVE-2022-33093 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /freelance/resume_list.
network
low complexity
74cms CWE-89
7.5
2022-06-23 CVE-2022-33094 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/map.
network
low complexity
74cms CWE-89
7.5
2022-06-23 CVE-2022-33095 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.
network
low complexity
74cms CWE-89
7.5
2022-06-23 CVE-2022-33096 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index.
network
low complexity
74cms CWE-89
7.5
2022-06-23 CVE-2022-33097 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campus_job.
network
low complexity
74cms CWE-89
7.5
2022-05-26 CVE-2022-29720 Files or Directories Accessible to External Parties vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain an arbitrary file read vulnerability via the component \index\controller\Download.php.
network
low complexity
74cms CWE-552
7.5
2022-05-26 CVE-2022-29721 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.
network
low complexity
74cms CWE-89
7.5
2022-03-28 CVE-2022-26271 Files or Directories Accessible to External Parties vulnerability in 74Cms 3.4.1
74cmsSE v3.4.1 was discovered to contain an arbitrary file read vulnerability via the $url parameter at \index\controller\Download.php.
network
low complexity
74cms CWE-552
7.5