3 matches found
Cross site request forgery (csrf)
S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via the admin/ajax.php?type=admin&action=add URI, a related issue to CVE-2018-19332...
CVE-2019-9040
S-CMS PHP v3.0 has a CSRF vulnerability to add a new admin user via the admin/ajax.php?type=admin&action=add URI, a related issue to CVE-2018-19332...
CVE-2018-19332
CVE-2018-19332 affects S-CMS v1.5 and is a CSRF vulnerability that can add a new user via the admin/ajax.php?type=member&action=add endpoint. The CVE entry documents a cross-site request forgery flaw enabling unauthorized user creation, with CVSS data indicating a network-based, user-interaction-...