CVE-2018-7579

applicationadmincontrollerupdate_urls.class.php in YzmCMS 3.6 has SQL Injection via the catids array parameter to admin/update_urls/update_category_url.html.
References
Link Resource
http://www.atksec.com/article/yzmcms-v3.6-sqli/index.html Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:yzmcms:yzmcms:3.6:*:*:*:*:*:*:*

Information

Published : 2018-03-01 07:29

Updated : 2018-03-22 04:51


NVD link : CVE-2018-7579

Mitre link : CVE-2018-7579

Products Affected
No products.
CWE