baijiacms V3 has CSRF via index.php?mod=site&op=edituser&name=manager&do=user to add an administrator account.
References
Link | Resource |
---|---|
https://crayon-xin.github.io/2018/04/20/baijiacmsV3-CSRF-add-admin/ | Exploit Third Party Advisory |
Configurations
Information
Published : 2018-04-20 12:29
Updated : 2018-05-22 08:00
NVD link : CVE-2018-10249
Mitre link : CVE-2018-10249
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
baijiacms_project
- baijiacms