CVE-2019-9688
CVE-2019-9688 (sftnow) is a CSRF vulnerability in sftnow up to 2018-12-29 that allows an attacker to trigger index.php?g=Admin&m=User&a=add_post to add an admin account. Connected sources confirm a cross-site request forgery flaw exists in sftnow 2018-12-29 and earlier versions. The provided docu...