Lucene search
K

11 matches found

VulnCheck KEV
VulnCheck KEV
added 2025/06/08 12:0 a.m.7 views

VulnCheck KEV: CVE-2020-22208

SQL Injection in 74cms 3.2.0 via the x parameter to plus/ajaxstreet.php...

9.8CVSS5.9AI score0.09743EPSS
Exploits1References1
CNNVD
CNNVD
added 2024/03/17 12:0 a.m.4 views

74CMS 安全漏洞

74CMS is an online recruitment system based on PHP and MySQL. A file upload vulnerability exists in version 3.28.0 of 74CMS, which stems from the lack of valid validation of the uploaded file by imgBase64, a parameter of the function sendCompanyLogo in file /controller/company/Index.php. The...

8.8CVSS7.8AI score0.06079EPSS
Exploits1References4
ATTACKERKB
ATTACKERKB
added 2022/06/23 5:15 p.m.1 views

CVE-2022-32126

74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting XSS vulnerability via the path /company...

6.1CVSS5AI score0.00617EPSS
Exploits1References2
OSV
OSV
added 2021/12/08 4:15 a.m.2 views

CVE-2020-22421

74CMS v6.0.4 was discovered to contain a cross-site scripting XSS vulnerability via /index.php?m=&c=help&a=helplist&key...

6.1CVSS6.3AI score0.008EPSS
Exploits1References1
BDU FSTEC
BDU FSTEC
added 2021/06/23 12:0 a.m.9 views

The vulnerability of the plus/ajax_street.php component of the 74cms CMS system, related to the lack of protection for SQL query structures, allows attackers to execute arbitrary SQL queries.

The vulnerability of the plus/ajaxstreet.php component of the 74cms CMS system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries via the key parameter...

6.5CVSS8.2AI score0.0794EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/06/23 12:0 a.m.5 views

The vulnerability of the plus/ajax_street.php component of the 74cms CMS system, related to the lack of protection for SQL query structures, allows attackers to execute arbitrary SQL queries.

The vulnerability of the plus/ajaxstreet.php component of the 74cms CMS system is related to the lack of measures taken to protect the SQL query structure. Exploiting this vulnerability allows a malicious actor to execute arbitrary SQL queries via the parameter x...

6.5CVSS8.2AI score0.09743EPSS
Exploits1References4Affected Software1
OSV
OSV
added 2021/06/16 6:15 p.m.5 views

CVE-2020-22212

SQL Injection in 74cms 3.2.0 via the id parameter to wap/wap-company-show.php...

9.8CVSS5.8AI score0.01449EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2020/12/02 12:0 a.m.5 views

PT-2020-17129

Name of the Vulnerable Software and Affected Versions 74CMS versions prior to 6.0.48 Description The issue concerns a PHP remote file inclusion in the assign resume tpl method within the Application/Common/Controller/BaseController.class.php file. This allows for remote code execution...

9.8CVSS9.9AI score0.52881EPSS
Exploits1References6
CNVD
CNVD
added 2019/08/01 12:0 a.m.1 views

Code execution vulnerability in 74cms backend Co***.cl***.php file

Knight Talent System 74cms is based on PHP + MYSQL as the core development of a set of free + open source professional recruitment system. By Taiyuan Xunyi Technology Co., Ltd. was officially launched in 2009. 74cms background Co.cl.php file there is a code execution vulnerability. Allow attacker...

7.9AI score
Exploits0
CNVD
CNVD
added 2019/03/13 12:0 a.m.3 views

SQL Injection Vulnerability in 74cms Backend Pe***.cl***.php File

Knight Talent System 74cms is a PHP + MYSQL based on the core development of a set of free + open source professional recruitment system. By Taiyuan Xunyi Technology Co., Ltd. was officially launched in 2009. 74cms background Pe.cl.php file SQL injection vulnerability. Attackers can use the...

7.7AI score
Exploits0
CNVD
CNVD
added 2017/10/04 12:0 a.m.2 views

SQL Injection Vulnerability in 74cms MembersController.class.php Page

Knight Talent System 74cms is a free website management system based on PHP+MYSQL. A SQL injection vulnerability exists in the 74cms MembersController.class.php page, which can be exploited by attackers to obtain sensitive database information...

7.9AI score
Exploits0
Rows per page
Query Builder