VYPR
High severity7.2NVD Advisory· Published Mar 1, 2018· Updated Jun 17, 2026

CVE-2018-7579

CVE-2018-7579

Description

\application\admin\controller\update_urls.class.php in YzmCMS 3.6 has SQL Injection via the catids array parameter to admin/update_urls/update_category_url.html.

Affected products

2
  • Yzmcms/Yzmcmsinferred2 versions
    <=3.6+ 1 more
    • (no CPE)range: <=3.6
    • (no CPE)range: =3.6

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.