CVE-2018-14068
SRCMS V2.3.1 is affected by a CSRF vulnerability that can add an administrator account via the endpoint admin.php?m=Admin&c=manager&a=add. This exposes the admin creation function to CSRF, enabling potential unauthorized admin access. The issue is confirmed across multiple sources (CVE-2018-14068...