2 matches found
CVE-2024-48191
dingfanzu CMS 1.0 was discovered to contain a Cross-Site Request Forgery CSRF via the component /admin/doAdminAction.php?act=delAdmin=17...
CVE-2024-48191
This CVE affects dingfanzu CMS 1.0, where a Cross-Site Request Forgery (CSRF) flaw exists in the admin action endpoint /admin/doAdminAction.php?act=delAdmin&id=17. The root cause is CSRF permitting unauthorized actions via that endpoint, enabling an attacker to trigger admin deletions without aut...