2 matches found
74cms - ajax_officebuilding.php SQL Injection
A SQL injection vulnerability exists in 74cms 3.2.0 via the x parameter to ajaxofficebuilding.php. id: CVE-2020-22210 info: name: 74cms - ajaxofficebuilding.php SQL Injection author: ritikchaddha severity: critical description: | A SQL injection vulnerability exists in 74cms 3.2.0 via the x...
The vulnerability of the ajax_officebuilding.php component of the CMS system 74cms, related to the lack of protective measures for the SQL query structure, allows attackers to execute arbitrary SQL queries.
The vulnerability of the ajaxofficebuilding.php component of the CMS system 74cms is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries through the x-parameter...