2 matches found
CVE-2018-8717
joyplus-cms 1.6.0 has CSRF, as demonstrated by adding an administrator account via a manager/adminajax.php?action=save&tab=premanager request...
CVE-2018-8717
CVE-2018-8717 affects joyplus-cms 1.6.0 and is a cross-site request forgery (CSRF) vulnerability. The issue is demonstrated by a CSRF request to manager/admin_ajax.php?action=save&tab={pre}manager that can result in adding an administrator account. The connected sources confirm the vulnerability ...