74cms is a PHP and MySQL-based online recruitment system from China Xunyi Technology Company. 74cmsSE version v3.5.1 is vulnerable to SQL injection, which originates from the lack of validation of external input SQL statements in the /home/campus/campus_job keyword parameter. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.