3 matches found
WUZHI CMS 4.1.0 - Add Admin Account Cross-Site Request Forgery Vulnerability
Exploit for php platform in category web applications Exploit Title: WUZHI CMS 4.1.0 CSRF vulnerability add admin account Exploit Author: taoge Vendor Homepage: https://github.com/wuzhicms/wuzhicms Software Link: https://github.com/wuzhicms/wuzhicms Version: 4.1.0 CVE : CVE-2018-9926 An issue was...
CVE-2018-9926
Summary : CVE-2018-9926 affects WUZHI CMS 4.1.0 and is a CSRF vulnerability that allows adding an administrator account via the vulnerable endpoint, index.php?m=core&f=power&v=add. What’s vulnerable : the WUZHI CMS 4.1.0 admin flow can be manipulated through a forged request, enabling an attacker...
WUZHI CMS 4.1.0 - Cross-Site Request Forgery (Add Admin)
Exploit Title: WUZHI CMS 4.1.0 CSRF vulnerability add admin account Date: 2018-04-10 Exploit Author: taoge Vendor Homepage: https://github.com/wuzhicms/wuzhicms Software Link: https://github.com/wuzhicms/wuzhicms Version: 4.1.0 CVE : CVE-2018-9926 An issue was discovered in WUZHI CMS...