Known Vulnerabilities for products from 74cms

Listed below are 12 of the newest known vulnerabilities associated with the vendor "74cms".

These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.

Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2020-35339 In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.clas... 9.8 - CRITICAL 2021-02-17 2021-07-21
CVE-2020-29279 PHP remote file inclusion in the assign_resume_tpl method in Application/Common/Controller/BaseController.class.php in 74CMS ... 9.8 - CRITICAL 2020-12-02 2020-12-04
CVE-2020-22212 SQL Injection in 74cms 3.2.0 via the id parameter to wap/wap-company-show.php. 9.8 - CRITICAL 2021-06-16 2021-06-21
CVE-2020-22211 SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajax_street.php. 9.8 - CRITICAL 2021-06-16 2021-06-21
CVE-2020-22210 SQL Injection in 74cms 3.2.0 via the x parameter to ajax_officebuilding.php. 9.8 - CRITICAL 2021-06-16 2021-06-21
CVE-2020-22209 SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajax_common.php. 9.8 - CRITICAL 2021-06-16 2021-06-21
CVE-2020-22208 SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajax_street.php. 9.8 - CRITICAL 2021-06-16 2021-06-21
CVE-2019-17612 An issue was discovered in 74CMS v5.2.8. There is a SQL Injection generated by the _list method in the Common/Controller/Back... 7.2 - HIGH 2019-10-15 2019-10-17
CVE-2019-11374 74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI. 8.8 - HIGH 2019-04-20 2019-04-26
CVE-2019-10684 Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code... 9.8 - CRITICAL 2019-04-01 2019-04-03
CVE-2018-20519 An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changi... 8.1 - HIGH 2018-12-27 2019-01-24
CVE-2018-20454 An issue was discovered in 74cms v4.2.111. upload/index.php?c=resume&a=resume_list has XSS via the key parameter. 6.1 - MEDIUM 2018-12-25 2019-01-10

Known software with vulnerabilities from 74cms

Type Vendor Product Version
Application74cms74cms4.2.54

Popular searches for "74cms"

骑士人才系统 - PHP人才招聘系统程序网站源码 - 云人才招聘网站源码

www.74cms.com

- PHP - MSPHP MYSQL,,,

PHP Android (operating system) Customer relationship management IPad V6 engine Copyright Version 6 Unix Windows 10 .com 0 V6 (band) UEFA Euro 2020 2020 United States presidential election IOS 2020 NHL Entry Draft 2020 Summer Olympics Reserved Alfa Romeo V6 engine 2020 NFL Draft All Right