2 matches found
CVE-2018-20612
UWA 2.3.11 allows index.php?g=admin=admin=addadmindo CSRF...
CVE-2018-20612
UWA 2.3.11 contains a Cross-Site Request Forgery (CSRF) flaw in the admin creation flow. Specifically, the vulnerability is triggered via index.php?g=admin&c=admin&a=add_admin_do, allowing an attacker to induce unauthorized admin operations. The CVE entry for CVE-2018-20612 reflects affected soft...