CVE-2018-25174 ABC ERP 0.6.4 Cross-Site Request Forgery via _configurar_perfil.php
ABC ERP 0.6.4 contains a cross-site request forgery vulnerability that allows attackers to modify administrator credentials by submitting forged requests to configurarperfil.php. Attackers can craft malicious forms or links containing parameters like usuario, contrasena1, contrasena2, nombre, and...