Phpcms · Phpcms · CVE-2018-12990
**Name of the Vulnerable Software and Affected Versions**
phpwcms version 1.8.9
**Description**
The issue allows remote attackers to discover the installation path via an invalid `csrf token value` field.
**Recommendations**
For phpwcms version 1.8.9, update to a newer version that contains a fix for this issue.