VYPR
Medium severity6.5NVD Advisory· Published May 12, 2018· Updated Jun 17, 2026

CVE-2018-11003

CVE-2018-11003

Description

An issue was discovered in YXcms 1.4.7. Cross-site request forgery (CSRF) vulnerability in protected/apps/admin/controller/adminController.php allows remote attackers to delete administrator accounts via index.php?r=admin/admin/admindel.

Affected products

2
  • Yxcms/Yxcmsinferred2 versions
    = 1.4.7+ 1 more
    • (no CPE)range: = 1.4.7
    • (no CPE)range: = 1.4.7

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.