74cmsSE is a free, open source professional recruiting system based on PHP MYSQL. 74cmsSE is vulnerable to SQL injection, which results from a lack of validation of externally entered SQL statements in the /home/job/index keyword parameter. An attacker could use this vulnerability to execute illegal SQL commands to steal sensitive database data.