CVE-2018-12628
Eventum 3.5.0 is affected by a CSRF vulnerability in htdocs/manage/users.php that allows an attacker to create another user with admin privileges. This CVE-2018-12628 entry documents the issue and its impact: unauthorized account creation with admin rights via CSRF, enabling partial/high impact c...