CVE-2018-19222

Published November 12th, 2018

View on NVD ↗

CVSS v3

N/A

CVSS v2

7.5

HIGH

Affected

PROJECT

Description

An issue was discovered in LAOBANCMS 2.0. It allows a /install/mysql_hy.php?riqi=0&i=0 attack to reset the admin password, even if install.txt exists.

AvaterXXX/laobanCMSUNAVAILABLE

GitHub