An issue was discovered in YXcms 1.4.7. Cross-site request forgery (CSRF) vulnerability in protected/apps/admin/controller/adminController.php allows remote attackers to delete administrator accounts via index.php?r=admin/admin/admindel.
References
Link | Resource |
---|---|
https://github.com/TekerFue/YXcms-Code-Audit/blob/master/1.4.7%20csrf | Exploit Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2018-05-12T04:00:00
Updated: 2018-05-12T03:57:01
Reserved: 2018-05-11T00:00:00
Link: CVE-2018-11003
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-05-12T04:29:00.380
Modified: 2018-06-18T16:09:08.457
Link: CVE-2018-11003
JSON object: View
Redhat Information
No data.
CWE