74cmsSE v3.4.1 - Arbitrary File Read

74cmsSE v3.4.1 was discovered to contain an arbitrary file read vulnerability via the $url parameter at \index\controller\Download.php. id: CVE-2022-26271 info: name: 74cmsSE v3.4.1 - Arbitrary File Read author: ritikchaddha severity: high description: | 74cmsSE v3.4.1 was discovered to contain a...

74CMS - Remote File Inclusion

PHP remote file inclusion in the assignresumetpl method in Application/Common/Controller/BaseController.class.php in 74CMS before 6.0.48 allows remote code execution. id: CVE-2020-29279 info: name: 74CMS - Remote File Inclusion author: DhiyaneshDK severity: critical description: | PHP remote file...

74cms - ajax_officebuilding.php SQL Injection

A SQL injection vulnerability exists in 74cms 3.2.0 via the x parameter to ajaxofficebuilding.php. id: CVE-2020-22210 info: name: 74cms - ajaxofficebuilding.php SQL Injection author: ritikchaddha severity: critical description: | A SQL injection vulnerability exists in 74cms 3.2.0 via the x...

74cms - ajax_common.php SQL Injection

SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajaxcommon.php. id: CVE-2020-22209 info: name: 74cms - ajaxcommon.php SQL Injection author: ritikchaddha severity: critical description: | SQL Injection in 74cms 3.2.0 via the query parameter to plus/ajaxcommon.php. impact: | Successful...

74cms - ajax_street.php 'key' SQL Injection

SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajaxstreet.php. id: CVE-2020-22211 info: name: 74cms - ajaxstreet.php 'key' SQL Injection author: ritikchaddha severity: critical description: | SQL Injection in 74cms 3.2.0 via the key parameter to plus/ajaxstreet.php. impact: | Successf...

74cms - ajax_street.php 'x' SQL Injection

SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajaxstreet.php. id: CVE-2020-22208 info: name: 74cms - ajaxstreet.php 'x' SQL Injection author: ritikchaddha severity: critical description: | SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajaxstreet.php. impact: | Successful...

CVE-2019-11374

74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin=admin=add URI...

CVE-2024-2561

A vulnerability, which was classified as critical, has been found in 74CMS 3.28.0. Affected by this issue is the function sendCompanyLogo of the file /controller/company/Index.phpsendCompanyLogo of the component Company Logo Handler. The manipulation of the argument imgBase64 leads to unrestricte...

EUVD-2019-2479

Malware in sbrugna...

EUVD-2020-15182

Malware in sbrugna...

EUVD-2019-3052

Malware in sbrugna...

EUVD-2019-7937

Malware in sbrugna...

EUVD-2018-13073

Malware in sbrugna...

EUVD-2018-13009

Malware in sbrugna...

EUVD-2020-14977

Malware in sbrugna...

EUVD-2025-13568

Malicious code in bioql PyPI...

EUVD-2024-54434

Malicious code in bioql PyPI...

CVE-2020-35339

In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server...

CVE-2020-22212

SQL Injection in 74cms 3.2.0 via the id parameter to wap/wap-company-show.php...

CVE-2020-22210

SQL Injection in 74cms 3.2.0 via the x parameter to ajaxofficebuilding.php...