Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
74cms vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2020-22421
74CMS v6.0.4 exists to contain a cross-site scripting (XSS) vulnerability via /index.php?m=&c=help&a=help_list&key.
74cms 74cms 6.0.4
668
VMScore
CVE-2020-35339
In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server.
74cms 74cms 5.0.1
668
VMScore
CVE-2019-10684
Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote malicious users to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit site_domain parameter.
74cms 74cms 5.0.1
445
VMScore
CVE-2022-26271
74cmsSE v3.4.1 exists to contain an arbitrary file read vulnerability via the $url parameter at \index\controller\Download.php.
74cms 74cms 3.4.1
445
VMScore
CVE-2022-29720
74cmsSE v3.5.1 exists to contain an arbitrary file read vulnerability via the component \index\controller\Download.php.
74cms 74cmsse 3.5.1
445
VMScore
CVE-2022-29721
74cmsSE v3.5.1 exists to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.
74cms 74cmsse 3.5.1
NA
CVE-2022-42154
An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows malicious users to execute arbitrary code via a crafted PHP file.
74cms 74cmsse 3.13.0
NA
CVE-2022-41472
74cmsSE v3.12.0 exists to contain a cross-site scripting (XSS) vulnerability via the component /apiadmin/notice/add. This vulnerability allows malicious users to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.
74cms 74cmsse 3.12.0
NA
CVE-2022-41471
74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change the rights and credentials of the Super Administrator account.
74cms 74cmsse 3.12.0
383
VMScore
CVE-2022-32124
74cmsSE v3.5.1 exists to contain a reflective cross-site scripting (XSS) vulnerability via the component /index/jobfairol/show/.
74cms 74cmsse 3.5.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »