CVE-2020-29279

CRITICAL EXPLOITED IN THE WILD NUCLEI

74CMS <6.0.48 - RCE

Title source: llm

Description

PHP remote file inclusion in the assign_resume_tpl method in Application/Common/Controller/BaseController.class.php in 74CMS before 6.0.48 allows remote code execution.

Nuclei Templates (1)

74CMS - Remote File Inclusion
CRITICALby DhiyaneshDK
FOFA: app="骑士-74CMS"

References (2)

Scores

CVSS v3 9.8
EPSS 0.6216
EPSS Percentile 98.4%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

VulnCheck KEV 2021-06-01
InTheWild.io 2021-07-01
Status published
Products (1)
74cms/74cms < 6.0.48
Published Dec 02, 2020
Tracked Since Feb 18, 2026