Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor 74cms
Filtered by product 74cmsse
Angry Yack Logo
Total 19 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2022-42154 1 74cms 1 74cmsse 2025-05-14 N/A 9.8 CRITICAL
An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file.
CVE-2022-41472 1 74cms 1 74cmsse 2025-05-14 N/A 5.4 MEDIUM
74cmsSE v3.12.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /apiadmin/notice/add. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.
CVE-2022-41471 1 74cms 1 74cmsse 2025-05-14 N/A 6.5 MEDIUM
74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change the rights and credentials of the Super Administrator account.
CVE-2022-33097 1 74cms 1 74cmsse 2024-11-21 5.0 MEDIUM 7.5 HIGH
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campus_job.
CVE-2022-33096 1 74cms 1 74cmsse 2024-11-21 5.0 MEDIUM 7.5 HIGH
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index.
CVE-2022-33095 1 74cms 1 74cmsse 2024-11-21 5.0 MEDIUM 7.5 HIGH
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.
CVE-2022-33094 1 74cms 1 74cmsse 2024-11-21 5.0 MEDIUM 7.5 HIGH
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/map.
CVE-2022-33093 1 74cms 1 74cmsse 2024-11-21 5.0 MEDIUM 7.5 HIGH
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /freelance/resume_list.
CVE-2022-33092 1 74cms 1 74cmsse 2024-11-21 5.0 MEDIUM 7.5 HIGH
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index.
CVE-2022-32131 1 74cms 1 74cmsse 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /index/notice/show.
CVE-2022-32130 1 74cms 1 74cmsse 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/down_resume/total/nature.
CVE-2022-32129 1 74cms 1 74cmsse 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/account/safety/trade.
CVE-2022-32128 1 74cms 1 74cmsse 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/service/increment/add/im.
CVE-2022-32127 1 74cms 1 74cmsse 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/view_be_browsed/total.
CVE-2022-32126 1 74cms 1 74cmsse 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company.
CVE-2022-32125 1 74cms 1 74cmsse 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /job.
CVE-2022-32124 1 74cms 1 74cmsse 2024-11-21 4.3 MEDIUM 6.1 MEDIUM
74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /index/jobfairol/show/.
CVE-2022-29721 1 74cms 1 74cmsse 2024-11-21 5.0 MEDIUM 7.5 HIGH
74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist.
CVE-2022-29720 1 74cms 1 74cmsse 2024-11-21 5.0 MEDIUM 7.5 HIGH
74cmsSE v3.5.1 was discovered to contain an arbitrary file read vulnerability via the component \index\controller\Download.php.