CVE-2018-7579

CVE: CVE-2018-7579
Published: 2018-03-01T19:29Z
Description Language: en
Description: \application\admin\controller\update_urls.class.php in YzmCMS 3.6 has SQL Injection via the catids array parameter to admin/update_urls/update_category_url.html.
References:
http://www.atksec.com/article/yzmcms-v3.6-sqli/index.html