5 matches found
EUVD-2018-9182
Malware in sbrugna...
CVE-2018-17429
/console/account/manage.php?type=action&action=add in JTBC v3.0C has CSRF for adding an administrator account...
Cross site request forgery (csrf)
/console/account/manage.php?type=action&action=add in JTBC v3.0C has CSRF for adding an administrator account...
CVE-2018-17429
/console/account/manage.php?type=action&action=add in JTBC v3.0C has CSRF for adding an administrator account...
CVE-2018-17429
CVE-2018-17429 refers to a CSRF vulnerability in JTBC v3.0(C) where requests to /console/account/manage.php?type=action&action=add can be forged to add an administrator account. A remote attacker can exploit this CSRF to elevate privileges by creating a new admin account. The reports in CNVD/othe...