PT-2022-21686 · 74Cmsse · 74Cmsse

Published

2022-06-22

Updated

2022-06-29

CVE-2022-33095

CVSS v3.1

7.5

High

Vector

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions 74cmsSE version 3.5.1

Description A SQL injection issue was found in 74cmsSE via the keyword parameter at the "/home/jobfairol/resumelist" API endpoint.

Recommendations For version 3.5.1, avoid using the keyword parameter in the affected API endpoint until the issue is resolved.

Exploit

Fix

SQL injection

Found an issue in the description? Have something to add? Feel free to write us 👾

CVE-2022-33095

74Cmsse