rdt

CVE-2018-8756 WRITEUP HIGH WRITEUP

YzmCMS 3.7.1 - Remote Code Execution via Eval Injection in global.func.php

Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 allows remote attackers to achieve arbitrary code execution via PHP code in the POST data of an index.php?m=member&c=member_content&a=init request.

CVSS 7.2

View Code

CVE-2018-8756 WRITEUP HIGH WRITEUP

YzmCMS 3.7.1 - Remote Code Execution via Eval Injection in global.func.php

Eval injection in yzmphp/core/function/global.func.php in YzmCMS v3.7.1 allows remote attackers to achieve arbitrary code execution via PHP code in the POST data of an index.php?m=member&c=member_content&a=init request.

CVSS 7.2

View Code