Vulnerabilities (CVE)

Vendor filter

74cms Subscribe

Filter

3 total CVE
CVE Vendors Products Updated CVSS
CVE-2019-11374 1 74cms 1 74cms 2019-04-26 6.8
74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI.
CVE-2018-20519 1 74cms 1 74cms 2019-01-24 5.5
An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention, as demonstrated by the index.php?c=Personal&a=ajax_save_basic pid parameter.
CVE-2018-20454 1 74cms 1 74cms 2019-01-10 4.3
An issue was discovered in 74cms v4.2.111. upload/index.php?c=resume&a=resume_list has XSS via the key parameter.