Medium severity5.3OSV Advisory· Published Jun 30, 2018· Updated Jun 17, 2026
CVE-2018-12990
CVE-2018-12990
Description
phpwcms 1.8.9 allows remote attackers to discover the installation path via an invalid csrf_token_value field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- 3xpl01tc0d3r.blogspot.com/2018/06/information-disclosure-internal-path.htmlnvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.