BageCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-00135)
BageCMS is a cross-platform content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in BageCMS version 3.1.3. A remote attacker can exploit this vulnerability to modify user accounts with the help of the upload/index.php?r=admini/admin/ownerUpdate U...