Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
74cms vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2020-22211
SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php.
74cms 74cms 3.2.0
7.5
CVSSv2
CVE-2020-22212
SQL Injection in 74cms 3.2.0 via the id parameter to wap/wap-company-show.php.
74cms 74cms 3.2.0
7.5
CVSSv2
CVE-2020-35339
In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server.
74cms 74cms 5.0.1
6.8
CVSSv2
CVE-2019-11374
74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI.
74cms 74cms 5.0.1
1 EDB exploit
5
CVSSv2
CVE-2022-29720
74cmsSE v3.5.1 exists to contain an arbitrary file read vulnerability via the component \index\controller\Download.php.
74cms 74cmsse 3.5.1
5
CVSSv2
CVE-2022-29721
74cmsSE v3.5.1 exists to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.
74cms 74cmsse 3.5.1
NA
CVE-2022-42154
An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows malicious users to execute arbitrary code via a crafted PHP file.
74cms 74cmsse 3.13.0
NA
CVE-2022-41471
74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change the rights and credentials of the Super Administrator account.
74cms 74cmsse 3.12.0
NA
CVE-2022-41472
74cmsSE v3.12.0 exists to contain a cross-site scripting (XSS) vulnerability via the component /apiadmin/notice/add. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.
74cms 74cmsse 3.12.0
5
CVSSv2
CVE-2022-33092
74cmsSE v3.5.1 exists to contain a SQL injection vulnerability via the keyword parameter at /home/job/index.
74cms 74cmsse 3.5.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »