74cms: >> 74cmsse Security Vulnerabilities
74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change the rights and credentials of the Super Administrator account.
CVSS Score
6.5
EPSS Score
0.001
Published
2022-10-17
74cmsSE v3.12.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /apiadmin/notice/add. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.
CVSS Score
5.4
EPSS Score
0.001
Published
2022-10-17
An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file.
CVSS Score
9.8
EPSS Score
0.001
Published
2022-10-17
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-06-23
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /freelance/resume_list.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-06-23
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/map.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-06-23
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-06-23
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-06-23
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campus_job.
CVSS Score
7.5
EPSS Score
0.002
Published
2022-06-23
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /index/jobfairol/show/.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-06-23
Page 1