CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2020-35339

In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.13

EPSS Ranking 93.8%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

http://www.74cms.com/download/index.html
https://github.com/BigTiger2020/74cms-rce/blob/main/README.md
http://www.74cms.com/download/index.html
https://github.com/BigTiger2020/74cms-rce/blob/main/README.md

Products affected by CVE-2020-35339

74cms » 74cms » Version: 5.0.1

cpe:2.3:a:74cms:74cms:5.0.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2020-35339

Products

Pricing

Contact Us