Cross site request forgery (csrf)

An issue was discovered in index.php in baijiacms V4 v41420170105. CSRF allows adding an administrator account via op=edituser, changing the administrator password via op=changepwd, or deleting an account via op=deleteuser...

CVE-2018-10503

An issue was discovered in index.php in baijiacms V4 v41420170105. CSRF allows adding an administrator account via op=edituser, changing the administrator password via op=changepwd, or deleting an account via op=deleteuser...