idreamsoft iCMS Cross-Site Request Forgery Vulnerability (CNVD-2019-10136)
idreamsoft iCMS is an open source content management system CMS based on PHP and MySQL. A cross-site request forgery vulnerability exists in idreamsoft iCMS version 7.0.10, which can be exploited by remote attackers to add an administrator account with the help of admincp.php?app=user&do=save...