2 matches found
CVE-2018-12582
Summary : The CVE-2018-12582 issue affects AKCMS 6.1 and is a CSRF vulnerability that allows an attacker to add an administrator account via the URI /index.php?file=account&action=manageaccounts&job=newaccount. What’s affected : AKCMS 6.1 (PHP/MySQL-based CMS). Root cause : Cross-site request for...
CVE-2018-12583
AKCMS 6.1 is affected by a cross-site request forgery (CSRF) that can delete articles via the admincp deleteitem action to index.php. The vulnerability is described in CVE-2018-12583 and corroborated by CNVD-2018-14261 and related records, which state an attacker could exploit CSRF to delete arti...