CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 2CVE-2018-10224
https://notcve.org/view.php?id=CVE-2018-10224
An issue was discovered in YzmCMS 3.8. There is a CSRF vulnerability that can add a tag via /index.php/admin/tag/add.html. Se ha descubierto un problema en YzmCMS 3.8. Hay una vulnerabilidad de Cross-Site Request Forgery (CSRF) que puede añadir una etiqueta mediante /index.php/admin/tag/add.html. • http://www.8sec.cc/archives/601 https://github.com/yzmcms/yzmcms/issues/2 • CWE-352: Cross-Site Request Forgery (CSRF) •
CVSS: 6.8EPSS: 0%CPEs: 1EXPL: 2CVE-2018-10223
https://notcve.org/view.php?id=CVE-2018-10223
An issue was discovered in YzmCMS 3.8. There is a CSRF vulnerability that can add an admin account via /index.php/admin/admin_manage/add.html. Se ha descubierto un problema en YzmCMS 3.8. Hay una vulnerabilidad de Cross-Site Request Forgery (CSRF) que puede añadir una cuenta admin mediante /index.php/admin/admin_manage/add.html. • http://www.8sec.cc/archives/596 https://github.com/yzmcms/yzmcms/issues/1 • CWE-352: Cross-Site Request Forgery (CSRF) •