6 matches found
CVE-2020-35970
An issue was discovered in YzmCMS 5.8. There is a SSRF vulnerability in the background collection management that allows arbitrary file read...
CVE-2020-35970
An issue was discovered in YzmCMS 5.8. There is a SSRF vulnerability in the background collection management that allows arbitrary file read...
Server side request forgery (ssrf)
An issue was discovered in YzmCMS 5.8. There is a SSRF vulnerability in the background collection management that allows arbitrary file read...
CVE-2020-35970
An issue was discovered in YzmCMS 5.8. There is a SSRF vulnerability in the background collection management that allows arbitrary file read...
CVE-2020-35970
In YzmCMS 5.8, a SSRF vulnerability exists in the backend collection management that allows arbitrary file read. Affected component: backend collection management module of YzmCMS 5.8. Root cause: server-side request forgery enabling access to arbitrary files. Impact stated as partial information...
YzmCMS YzmCMS 跨站请求伪造漏洞
YzmCMS is a lightweight open source content management system based on PHP+Mysql architecture developed by Yuan Zhimeng alone. YzmCMS 5.8 version of the existence of cross-site request forgery vulnerability, the attacker can be member/member/add.html through the use of this vulnerability to add...