Vulnerabilities > 74Cms > Medium

DATE CVE VULNERABILITY TITLE RISK
2022-06-23 CVE-2022-33092 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index.
network
low complexity
74cms CWE-89
5.0
2022-06-23 CVE-2022-33093 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /freelance/resume_list.
network
low complexity
74cms CWE-89
5.0
2022-06-23 CVE-2022-33094 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/map.
network
low complexity
74cms CWE-89
5.0
2022-06-23 CVE-2022-33095 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.
network
low complexity
74cms CWE-89
5.0
2022-06-23 CVE-2022-33096 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index.
network
low complexity
74cms CWE-89
5.0
2022-06-23 CVE-2022-33097 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campus_job.
network
low complexity
74cms CWE-89
5.0
2022-05-26 CVE-2022-29720 Files or Directories Accessible to External Parties vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain an arbitrary file read vulnerability via the component \index\controller\Download.php.
network
low complexity
74cms CWE-552
5.0
2022-05-26 CVE-2022-29721 SQL Injection vulnerability in 74Cms 74Cmsse 3.5.1
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.
network
low complexity
74cms CWE-89
5.0
2022-03-28 CVE-2022-26271 Files or Directories Accessible to External Parties vulnerability in 74Cms 3.4.1
74cmsSE v3.4.1 was discovered to contain an arbitrary file read vulnerability via the $url parameter at \index\controller\Download.php.
network
low complexity
74cms CWE-552
5.0
2021-12-08 CVE-2020-22421 Cross-site Scripting vulnerability in 74Cms 6.0.4
74CMS v6.0.4 was discovered to contain a cross-site scripting (XSS) vulnerability via /index.php?m=&c=help&a=help_list&key.
network
74cms CWE-79
4.3