2 matches found
CVE-2019-17676
app/system/admin/admin/index.class.php in MetInfo 7.0.0beta allows a CSRF attack to add a user account via a doSaveSetup action to admin/index.php, as demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URI...
CVE-2019-17676
CVE-2019-17676 relates to MetInfo 7.0.0beta where a CSRF flaw in app/system/admin/admin/index.class.php allows an attacker to add a user account via the doSaveSetup action to admin/index.php, demonstrated by an admin/?n=admin&c=index&a=doSaveSetup URL. The vulnerability stems from CSRF exposure i...