CVE-2018-7479

CVE-2018-7479

EPSS 2.1%

YzmCMS 3.6 allows remote attackers to discover the full path via a direct request to application/install/templates/s1.php.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/kongxin520/YzmCMS/blob/master/YzmCMS_3.6_bug.md https://kongxin.gitbook.io/yzmcms-3-6-bug/