4 matches found
CVE-2020-18457
Cross Site Request Forgery CSRF vulnerability exists in bycms v1.3.0 that can add an admin account via admin.php/ucenter/add.html...
Cross site request forgery (csrf)
Cross Site Request Forgery CSRF vulnerability exists in bycms v1.3.0 that can add an admin account via admin.php/ucenter/add.html...
CVE-2020-18457
Cross Site Request Forgery CSRF vulnerability exists in bycms v1.3.0 that can add an admin account via admin.php/ucenter/add.html...
CVE-2020-18457
CVE-2020-18457 affects bycms v1.3.0 and is a CSRF vulnerability that allows an attacker to add an administrator account via admin.php/ucenter/add.html. The issue is rooted in CSRF and enables privilege escalation to admin, with impact described in CVSS as enabling partial confidentiality, integri...