CVE-2018-25168

Precurio Intranet Portal 2.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by submitting crafted POST requests. Attackers can forge requests to the /public/admin/user/submitnew endpoint with user creation parameter...

CVE-2018-25168 Precurio Intranet Portal 2.0 Cross-Site Request Forgery Add Admin

Precurio Intranet Portal 2.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by submitting crafted POST requests. Attackers can forge requests to the /public/admin/user/submitnew endpoint with user creation parameter...

CVE-2018-25168

Precurio Intranet Portal 2.0 contains a Cross-Site Request Forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by submitting crafted POST requests to the /public/admin/user/submitnew endpoint without CSRF tokens. The issue stems from missing CSRF pro...

CVE-2018-25168 Precurio Intranet Portal 2.0 Cross-Site Request Forgery Add Admin

Precurio Intranet Portal 2.0 contains a cross-site request forgery vulnerability that allows unauthenticated attackers to create administrative user accounts by submitting crafted POST requests. Attackers can forge requests to the /public/admin/user/submitnew endpoint with user creation parameter...

Precurio Intranet Portal 代码问题漏洞

Precurio Intranet Portal is a document management portal system developed by the American company Precurio. Version 2.0 of Precurio Intranet Portal has a code vulnerability. This vulnerability stems from the /public/admin/user/submitnew endpoint, where cross-site request forgery exists, potential...