Vulnerability Details CVE-2018-7579
\application\admin\controller\update_urls.class.php in YzmCMS 3.6 has SQL Injection via the catids array parameter to admin/update_urls/update_category_url.html.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.3%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References