155 matches found
Cross site scripting
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting XSS vulnerability via the path /index/notice/show...
Cross site scripting
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting XSS vulnerability via the path /company...
Sql injection
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campusjob...
Cross site scripting
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting XSS vulnerability via the path /company/viewbebrowsed/total...
Cross site scripting
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting XSS vulnerability via the path /company/downresume/total/nature...
74cms SQL注入漏洞
74cmsSE is a free open source professional recruitment system based on PHP MYSQL. 74cmsSE suffers from a SQL injection vulnerability, which originates from a keyword parameter in /home /jobfairol/resumelist that lacks validation for external input SQL statements. An attacker could use this...
74cms SQL注入漏洞
74cmsSE is a free open source professional recruitment system based on PHP MYSQL. 74cmsSE is vulnerable to SQL injection, which results from a lack of validation of externally entered SQL statements in the /home/resume/index keyword parameter. An attacker could use this vulnerability to execute...
CVE-2022-33097
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campusjob...
CVE-2022-33097
CVE-2022-33097 affects 74cmsSE v3.5.1. Root cause: SQL injection via the keyword parameter in /home/campus/campus_job. Impact: attacker could execute arbitrary SQL to access data. Exploitation details are not provided in the documents; no remediation details are included in the connected sources.
CVE-2022-33095
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist...
CVE-2022-33096
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index...
CVE-2022-33096
CVE-2022-33096 affects 74cmsSE v3.5.1, with a SQL injection in the keyword parameter of /home/resume/index. The vulnerability arises from unsanitized input used in SQL queries, exposing potentially confidential data. Documented impact under CVSS 3.1 indicates high confidentiality impact (C:H) wit...
CVE-2022-33095
CVE-2022-33095 affects 74cmsSE v3.5.1, with a SQL injection in the keyword parameter at /home/jobfairol/resumelist. The CNVD/CNNVD entries describe lack of input validation enabling arbitrary SQL execution to access data, while Red Hat/ENISA entries confirm the issue but do not provide concrete f...
CVE-2022-33094
Summary: CVE-2022-33094 affects 74cmsSE v3.5.1, where a SQL injection vulnerability exists via the keyword parameter at /home/job/map. The issue arises from insufficient input validation, allowing an attacker to manipulate SQL queries and potentially access sensitive data. The CVSS data in the pr...
CVE-2022-33094
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/map...
CVE-2022-33092
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index...
CVE-2022-33093
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /freelance/resumelist...
CVE-2022-33092
CVE-2022-33092 affects 74cmsSE v3.5.1, with a SQL injection in the keyword parameter used by /home/job/index. This is disclosed across multiple sources (CNVD, NVD, Red Hat, CNVD variants). The root cause is unsanitized input leading to SQL statement manipulation and potential data exposure. Explo...
CVE-2022-33093
CVE-2022-33093 affects 74cmsSE v3.5.1, with a SQL injection vulnerability in the /freelance/resume_list endpoint via the key parameter. The root cause is improper validation of external input in that parameter, enabling potentially unauthorized SQL execution and data exposure as described in CNVD...
CVE-2022-32131
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting XSS vulnerability via the path /index/notice/show...