CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

74cms: >> 74cms >> 4.2.111 Security Vulnerabilities

CVE-2020-29279

PHP remote file inclusion in the assign_resume_tpl method in Application/Common/Controller/BaseController.class.php in 74CMS before 6.0.48 allows remote code execution.

CVSS Score

9.8

EPSS Score

0.226

Published

2020-12-02

CVE-2018-20519

An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention, as demonstrated by the index.php?c=Personal&a=ajax_save_basic pid parameter.

CVSS Score

8.1

EPSS Score

0.002

Published

2018-12-27

CVE-2018-20454

An issue was discovered in 74cms v4.2.111. upload/index.php?c=resume&a=resume_list has XSS via the key parameter.

CVSS Score

6.1

EPSS Score

0.002

Published

2018-12-25

Page 1

Vulnerabilities

Vulnerable Software

74cms: >> 74cms >> 4.2.111 Security Vulnerabilities

Products

Pricing

Contact Us