Vulnerabilities > Yzmcms

DATE	CVE	VULNERABILITY TITLE	RISK
2018-03-01	CVE-2018-7579	SQL Injection vulnerability in Yzmcms 3.6 \application\admin\controller\update_urls.class.php in YzmCMS 3.6 has SQL Injection via the catids array parameter to admin/update_urls/update_category_url.html. network low complexity yzmcms CWE-89	7.2
2018-02-26	CVE-2018-7479	Exposure of Resource to Wrong Sphere vulnerability in Yzmcms 3.6 YzmCMS 3.6 allows remote attackers to discover the full path via a direct request to application/install/templates/s1.php. network low complexity yzmcms CWE-668	5.3

Vulnerabilities > Yzmcms {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Yzmcms"}]}