CVE-2018-20519: Input Validation
First published: Thu Dec 27 2018(Updated: )
An issue was discovered in 74cms v4.2.111. It allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention, as demonstrated by the index.php?c=Personal&a=ajax_save_basic pid parameter.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ditcms | =4.2.111 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for this issue in 74cms v4.2.111?
The vulnerability ID for this issue in 74cms v4.2.111 is CVE-2018-20519.
What is the severity rating of CVE-2018-20519?
CVE-2018-20519 has a severity rating of 8.1, which is considered high.
How does CVE-2018-20519 impact 74cms v4.2.111?
CVE-2018-20519 allows remote authenticated users to read or modify arbitrary resumes by changing a job-search intention.
What is the affected software version for CVE-2018-20519?
The affected software version for CVE-2018-20519 is 74cms v4.2.111.
Is there a fix available for CVE-2018-20519?
To address CVE-2018-20519, it is recommended to update to a patched version of 74cms.
- agent/type
- agent/first-publish-date
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/weakness
- agent/last-modified-date
- agent/severity
- agent/references
- agent/description
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/74cms
- canonical/ditcms
- version/ditcms/4.2.111