Lucene search
China National Vulnerability DatabaseCNVD-2021-90912HistorySep 24, 2021 - 12:00 a.m.
YzmCMS Cross-site Request Forgery Vulnerability (CNVD-2021-90912)
2021-09-2400:00:00
China National Vulnerability Database
www.cnvd.org.cn
9
0.001 Low
EPSS
Percentile
43.2%
YzmCMS is a lightweight open source content management system based on PHP Mysql architecture developed solely by Yuan Zhimeng. A cross-site request forgery vulnerability exists in /controller/pay.class.php in YzmCMS version 5.5. An attacker can use this vulnerability to access sensitive components of the application.
| CPE | Name | Operator | Version |
|---|---|---|---|
| yzmcms yzmcms | eq | 5.5 |
Related
nvd
nvd
CVE-2020-19951
2021-09-23 20:15:07
cve
cve
CVE-2020-19951
2021-09-23 20:15:07
cvelist
cvelist
CVE-2020-19951
2021-09-23 19:46:23
prion
prion
Cross site request forgery (csrf)
2021-09-23 20:15:00