Show filters
34 Total Results
Displaying 31-34 of 34
Sort by:
Attacker Value
Unknown

CVE-2019-11374

Disclosure Date: April 20, 2019 (last updated November 27, 2024)
74CMS v5.0.1 has a CSRF vulnerability to add a new admin user via the index.php?m=Admin&c=admin&a=add URI.
0
0
Attacker Value
Unknown

CVE-2019-10684

Disclosure Date: April 01, 2019 (last updated November 27, 2024)
Application/Admin/Controller/ConfigController.class.php in 74cms v5.0.1 allows remote attackers to execute arbitrary PHP code via the index.php?m=Admin&c=config&a=edit site_domain parameter.
0
0
Attacker Value
Unknown

CVE-2018-20519

Disclosure Date: December 27, 2018 (last updated November 27, 2024)
An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention, as demonstrated by the index.php?c=Personal&a=ajax_save_basic pid parameter.
0
0
Attacker Value
Unknown

CVE-2018-20454

Disclosure Date: December 25, 2018 (last updated November 27, 2024)
An issue was discovered in 74cms v4.2.111. upload/index.php?c=resume&a=resume_list has XSS via the key parameter.
0
0
View More Topics  < Previous