CVE-2018-7479
YzmCMS 3.6 is affected by CVE-2018-7479, a path-disclosure/info-disclosure vulnerability. A remote attacker can discover the full server path by issuing a direct request to application/install/templates/s1.php. The issue is categorized as information disclosure with impact limited to confidential...