VYPR
Critical severity9.8NVD Advisory· Published Nov 11, 2018· Updated Jun 17, 2026

CVE-2018-19180

CVE-2018-19180

Description

statics/app/index/controller/Install.php in YUNUCMS 1.1.5 (if install.lock is not present) allows remote attackers to execute arbitrary PHP code by placing this code in the index.php?s=index/install/setup2 DB_PREFIX field, which is written to database.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Yunucms/Yunucmsinferred2 versions
    = 1.1.5+ 1 more
    • (no CPE)range: = 1.1.5
    • (no CPE)range: <=1.1.5

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.