23 matches found
CVE-2022-33094
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/map...
CVE-2022-33095
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist...
EUVD-2022-36153
Malicious code in bioql PyPI...
EUVD-2022-34044
Malicious code in bioql PyPI...
CVE-2022-26271
74cmsSE v3.4.1 was discovered to contain an arbitrary file read vulnerability via the $url parameter at \index\controller\Download.php...
CVE-2022-41472
74cmsSE v3.12.0 was discovered to contain a cross-site scripting XSS vulnerability via the component /apiadmin/notice/add. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field...
CVE-2022-33096
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index...
CVE-2022-33092
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index...
CVE-2022-33097
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campusjob...
CVE-2022-32126
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting XSS vulnerability via the path /company...
CVE-2022-32130
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting XSS vulnerability via the path /company/downresume/total/nature...
CVE-2022-32129
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting XSS vulnerability via the path /company/account/safety/trade...
CVE-2022-29721
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist...
CVE-2022-42154
An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file...
74cms 代码问题漏洞
XUNYI TECHNOLOGY 74cms is a PHP and MySQL based online recruitment system from China Xunyi Technology Company. A security vulnerability exists in version 74cmsSE v3.13.0, which stems from the /apiadmin/upload/attach component that allows an attacker to upload arbitrary files, resulting in the...
PT-2022-25879 · 74Cmsse · 74Cmsse
Name of the Vulnerable Software and Affected Versions: 74cmsSE version 3.12.0 Description: The issue allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field. This is achieved through the /api/admin/notice/add API endpoint. Recommendations: For...
CVE-2022-33093
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /freelance/resumelist...
CVE-2022-33096
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index...
CVE-2022-33095
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist...
CVE-2022-32128
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting XSS vulnerability via the path /company/service/increment/add/im...