This page lists publicly disclosed CVE vulnerabilities affecting 74cms 74cmsse (linked via NVD CPE). Each row includes severity scores, summaries, and publication dates to help identify and analyze security issues.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2022-42154 | An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file. | [email protected] | 9.8 | 0.76% | 2022-10-17 | 2025-05-14 |
| CVE-2022-41472 | 74cmsSE v3.12.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /apiadmin/notice/add. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field. | [email protected] | 5.4 | 0.20% | 2022-10-17 | 2025-05-14 |
| CVE-2022-41471 | 74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change the rights and credentials of the Super Administrator account. | [email protected] | 6.5 | 0.17% | 2022-10-17 | 2025-05-14 |
| CVE-2022-33097 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/campus/campus_job. | [email protected] | 7.5 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-33096 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/resume/index. | [email protected] | 7.5 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-33095 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist. | [email protected] | 7.5 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-33094 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/map. | [email protected] | 7.5 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-33093 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the key parameter at /freelance/resume_list. | [email protected] | 7.5 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-33092 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/job/index. | [email protected] | 7.5 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-32131 | 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /index/notice/show. | [email protected] | 6.1 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-32130 | 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/down_resume/total/nature. | [email protected] | 6.1 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-32129 | 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/account/safety/trade. | [email protected] | 6.1 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-32128 | 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/service/increment/add/im. | [email protected] | 6.1 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-32127 | 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company/view_be_browsed/total. | [email protected] | 6.1 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-32126 | 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /company. | [email protected] | 6.1 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-32125 | 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the path /job. | [email protected] | 6.1 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-32124 | 74cmsSE v3.5.1 was discovered to contain a reflective cross-site scripting (XSS) vulnerability via the component /index/jobfairol/show/. | [email protected] | 6.1 | 0.23% | 2022-06-23 | 2024-11-21 |
| CVE-2022-29721 | 74cmsSE v3.5.1 was discovered to contain a SQL injection vulnerability via the keyword parameter at /home/jobfairol/resumelist. | [email protected] | 7.5 | 0.30% | 2022-05-26 | 2024-11-21 |
| CVE-2022-29720 | 74cmsSE v3.5.1 was discovered to contain an arbitrary file read vulnerability via the component \index\controller\Download.php. | [email protected] | 7.5 | 0.28% | 2022-05-26 | 2024-11-21 |