Lucene search
74cms74cms
2 matches found
CVE-2018-20519
An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention, as demonstrated by the index.php?c=Personal&a=ajax_save_basic pid parameter.
8.1CVSS7.6AI score0.00183EPSS
CVE-2018-20454
An issue was discovered in 74cms v4.2.111. upload/index.php?c=resume&a=resume_list has XSS via the key parameter.
6.1CVSS5.9AI score0.0024EPSS
Web