kkcms v1.3 has a CSRF vulnerablity that can add an user account via admin/cms_user_add.php.
8.8CVSS
8.6AI Score
0.001EPSS
6.1CVSS
6.3AI Score
0.001EPSS
kkcms v1.3.7 was discovered to contain a SQL injection vulnerability via the cid parameter at /template/wapian/vlist.php.
9.8CVSS
9.8AI Score
0.002EPSS