3 matches found
CVE-2018-17104
An issue was discovered in Microweber 1.0.7. There is a CSRF attack against the admin user that can add an administrative account via api/saveuser...
CVE-2018-17104
An issue was discovered in Microweber 1.0.7. There is a CSRF attack against the admin user that can add an administrative account via api/saveuser...
CVE-2018-17104
CVE-2018-17104 affects Microweber 1.0.7, where a CSRF vulnerability in the admin flow allows an attacker to add an administrative account via the api/save_user endpoint. The issue enables CSRF against the admin user, potentially granting admin privileges without user consent; exploitation details...