CVE-2020-21139

EC Cloud E-Commerce System v1.3 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add admin accounts via /admin.html?do=user=add...

CVE-2020-21139

EC Cloud E-Commerce System v1.3 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add admin accounts via /admin.html?do=user&act=add...

Cross site request forgery (csrf)

EC Cloud E-Commerce System v1.3 was discovered to contain a Cross-Site Request Forgery CSRF which allows attackers to arbitrarily add admin accounts via /admin.html?do=user&act=add...

EC Cloud E-Commerce System 跨站请求伪造漏洞

Amazon Web Services Ec Cloud E-Commerce System is a cloud-based e-commerce system from Amazon Web Services, Inc. A security vulnerability exists in EC Cloud E-Commerce System version 1.3, which allows an attacker to arbitrarily add an administrator account via "/admin.html?do=user&act=add"...

Stored XSS Vulnerability in Cloud EC E-commerce System Version V1.2.1

Cloud EC e-commerce system hereinafter referred to as Cloud EC is a set of PHP + MYSQL-based open source e-commerce system software developed independently by Cloud MYSQL e-commerce Co. Cloud EC e-commerce system V1.2.1 version of the existence of stored XSS vulnerability, an attacker can exploit...