25 matches found
CVE-2018-14069
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add...
CVE-2018-14069
SRCMS V2.3.1 contains a CSRF flaw that allows an attacker to add a user account via admin.php?m=Admin&c=member&a=add. The affected component is the user-management functionality; the root cause is a CSRF vulnerability in the request handling for adding members. Impact statements in the sources in...
CVE-2018-14068
SRCMS V2.3.1 is affected by a CSRF vulnerability that can add an administrator account via the endpoint admin.php?m=Admin&c=manager&a=add. This exposes the admin creation function to CSRF, enabling potential unauthorized admin access. The issue is confirmed across multiple sources (CVE-2018-14068...
CVE-2018-14068
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add an admin account via admin.php?m=Admin&c=manager&a=add...
CVE-2018-14069
An issue was discovered in SRCMS V2.3.1. There is a CSRF vulnerability that can add a user account via admin.php?m=Admin&c=member&a=add...