CVE-2025-4329 – 74CMS Path Traversal Vulnerability

May 6, 2025

CVE ID : CVE-2025-4329

Published : May 6, 2025, 7:15 a.m. | 32 minutes ago

Description : A vulnerability was found in 74CMS up to 3.33.0. It has been rated as problematic. Affected by this issue is the function index of the file /index.php/index/download/index. The manipulation of the argument url leads to path traversal. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 4.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleTEKEVER becomes the latest unicorn in Europe’s defencetech industry

Next Article CVE-2025-4328 – Spring Cloud Base HTTP Header Handler Open Redirect Vulnerability

Designing With AI, Not Around It: Practical Advanced Techniques For Product Design Use Cases

Why Companies Are Investing in AI-Powered React.js Development Services in 2025

The coming AI smartphone: Redefining personal tech

Modern React animation libraries: Real examples for engaging UIs

How Debian 13’s little improvements add up to the distro’s surprisingly big leap forward

Why xAI is giving you ‘limited’ free access to Grok 4

How Apple may revamp Siri to a voice assistant I’d actually use (and ditch Gemini for)

I jump-started a bus from the 1930s with this power bank – here’s the verdict

Laravel’s UsePolicy Attribute: Explicit Authorization Control

Laravel’s UsePolicy Attribute: Explicit Authorization Control

The Laravel Way to Build AI Agents That Actually Work

The Laravel Way to Build AI Agents That Actually Work

Microsoft sued over killing support for Windows 10

Microsoft sued over killing support for Windows 10

Grok 4 rolled out for free-tier users worldwide, with some limits

Firefox AI slammed for hogging CPU and draining battery

CVE-2025-4329 – 74CMS Path Traversal Vulnerability

WinRAR Zero-Day Under Active Exploitation – Update to Latest Version Immediately

BadCam Attack Turns Trusted Linux Webcams into Stealthy USB Weapons

Nothing just launched a stylish $99 smartwatch – with a reported 13-day battery

In MCP era API discoverability is now more important than ever

CVE-2024-12706 – OpenText Digital Asset Management SQL Injection

CVE-2025-53380 – Apache Struts Deserialization Vulnerability

CVE-2025-5183 – Summer Pearl Group Vacation Rental Management Platform Header Handler Open Redirect Vulnerability

CVE-2025-8738 – “zlt2000 Microservices-Platform Spring Actuator Interface Information Disclosure Vulnerability”

CVE-2024-12378 – Arista EOS Unencrypted VxLAN Tunnel Exposure

Master Data Management: The Key to Improved Analytics Reporting

CVE-2025-4329 – 74CMS Path Traversal Vulnerability

Related Posts