An issue was discovered in WUZHI CMS 4.1.0. There is a CSRF vulnerability that can change the super administrator's username via index.php?m=member&f=index&v=edit&uid=1.
References
Link | Resource |
---|---|
https://github.com/wuzhicms/wuzhicms/issues/156 | Exploit Third Party Advisory |
Configurations
Information
Published : 2018-10-29 05:29
Updated : 2018-11-16 08:26
NVD link : CVE-2018-18712
Mitre link : CVE-2018-18712
JSON object : View
CWE
CWE-352
Cross-Site Request Forgery (CSRF)
Products Affected
wuzhicms
- wuzhi_cms