1 matches found
Design/Logic Flaw
expressCart before 1.1.6 allows remote attackers to create an admin user via a /admin/setup Referer header...