njiandan-cms cross-site request forgery vulnerability
njiandan-cms is a PHP-based content management system CMS. A cross-site request forgery vulnerability exists in njiandan-cms version 2013-05-23 and earlier. A remote attacker can exploit this vulnerability to add an administrator account with the help of the index.php/admin/usernew URL...