2 matches found
CVE-2018-19319
SRCMS 3.0.0 allows CSRF via admin.php?m=Admin=gifts=update to change goods prices with the super administrator's privileges...
CVE-2018-19319
SRCMS 3.0.0 contains a CSRF vulnerability that allows an attacker to change product prices via admin.php?m=Admin&c=gifts&a=update, exploiting the super administrator’s privileges. The issue arises from lack of proper CSRF protection for admin actions, enabling unauthorized price modification. Doc...