2018-02-26 03:00:00
mitre
PUBLISHED
YzmCMS 3.6 allows remote attackers to discover the full path via a direct request to application/install/templates/s1.php.