Vulnerabilities > 74Cms

DATE CVE VULNERABILITY TITLE RISK
2019-04-01 CVE-2019-10684 Code Injection vulnerability in 74Cms 5.0.1
Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit site_domain parameter.
network
low complexity
74cms CWE-94
critical
9.8
2018-12-27 CVE-2018-20519 Improper Input Validation vulnerability in 74Cms 4.2.111
An issue was discovered in 74cms v4.2.111.
network
low complexity
74cms CWE-20
8.1
2018-12-25 CVE-2018-20454 Cross-site Scripting vulnerability in 74Cms 4.2.111
An issue was discovered in 74cms v4.2.111.
network
low complexity
74cms CWE-79
6.1