📦 74cms

This vulnerability allows attackers to execute arbitrary SQL commands via the x parameter in plus/ajax_street.php in 74cms version 3.2.0. It affects all systems running this vulnerable version of the ...

CVE-2020-22210 is a critical SQL injection vulnerability in 74cms version 3.2.0 that allows attackers to execute arbitrary SQL commands via the x parameter in ajax_officebuilding.php. This affects all...

This is a critical SQL injection vulnerability in 74cms version 3.2.0 that allows attackers to execute arbitrary SQL commands via the 'id' parameter in the wap/wap-company-show.php endpoint. Attackers...

CVE-2020-35339 is a critical remote code execution vulnerability in 74cms version 5.0.1 that allows attackers to execute arbitrary code on affected servers. Attackers can gain full server control by e...

This vulnerability allows remote attackers to execute arbitrary PHP code on 74CMS websites through a remote file inclusion flaw in the assign_resume_tpl method. It affects all 74CMS installations befo...

This vulnerability in 74CMS allows attackers to perform path traversal attacks by manipulating the 'url' parameter in the download function. Attackers can potentially read arbitrary files on the serve...

CVE-2024-46089 is a remote code execution vulnerability in 74cms background interface apiadmin that allows attackers to execute arbitrary code on affected systems. This affects 74cms versions up to an...