CVE-2018-18842
CVE-2018-18842 : Z-BlogPHP 1.5.2.1935 (Zero) is affected by a CSRF vulnerability in zb_users/plugin/AppCentre/theme.js.php. The flaw permits remote attackers to execute arbitrary PHP code on the affected system. The root cause is a CSRF in the theme.js.php file, enabling code execution when an at...