CVE-2019-6244

An issue was discovered in UsualToolCMS 8.0. cmsadmin/asqlbackx.php?t=sql allows CSRF attacks that can execute SQL statements, and consequently execute arbitrary PHP code by writing that code into a .php file...

CVE-2018-18422

UsualToolCMS 8.0 allows CSRF for adding a user account via the cmsadmin/aadminx.php?x=a URI...