CVE Tools

74cms

Web & CMS Pluginsunknown

24

Cumulative CVEs

4

Monthly snapshots

#47

Peak rank

Top products

Latest CVEs

The 15 most recently published vulnerabilities affecting 74cms.

CVE-2025-432974CMS index path traversal4.3May 6, 2025
CVE-2024-4608974cms <=3.33 is vulnerable to remote code execution (RCE) in the background interface apiadmin.6.3Apr 18, 2025
CVE-2024-256174CMS Company Logo Index.php#sendCompanyLogo unrestricted upload6.3Mar 17, 2024
CVE-2022-42154An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file.9.8Oct 17, 2022
CVE-2022-4147274cmsSE v3.12.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /apiadmin/notice/add. This vulnerability allows attackers to execute arbitrary web scripts or ...5.4Oct 17, 2022
CVE-2022-4147174cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change the rights and credentials of the Super Administrator account.6.5Oct 17, 2022
CVE-2022-3309774cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campus_job.7.5Jun 22, 2022
CVE-2022-3309674cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index.7.5Jun 22, 2022
CVE-2022-3309574cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.7.5Jun 22, 2022
CVE-2022-3309474cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/map.7.5Jun 22, 2022
CVE-2022-3309374cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /freelance/resume_list.7.5Jun 22, 2022
CVE-2022-3309274cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index.7.5Jun 22, 2022
CVE-2022-3213174cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /index/notice/show.6.1Jun 22, 2022
CVE-2022-3213074cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/down_resume/total/nature.6.1Jun 22, 2022
CVE-2022-3212974cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/account/safety/trade.6.1Jun 22, 2022