CVE-2018-8756

2018-03-18T06:29:00
ID CVE-2018-8756
Type cve
Reporter cve@mitre.org
Modified 2019-10-03T00:03:00

Description

Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 allows remote attackers to achieve arbitrary code execution via PHP code in the POST data of an index.php?m=member&c=member_content&a=init request.