admin/admin/adminsave.html in YFCMF v3.0 allows CSRF to add an administrator account.
References
Link | Resource |
---|---|
http://hpdoger.me/2018/08/23/Csrf%20in%20YFCMF%203.0/ | Exploit Third Party Advisory URL Repurposed |
http://hpdoger.me/2018/08/23/Csrf%20in%20YFCMF%203.0/ | Exploit Third Party Advisory URL Repurposed |
Configurations
History
21 Nov 2024, 03:52
Type | Values Removed | Values Added |
---|---|---|
References | () http://hpdoger.me/2018/08/23/Csrf%20in%20YFCMF%203.0/ - Exploit, Third Party Advisory, URL Repurposed |
14 Feb 2024, 01:17
Type | Values Removed | Values Added |
---|---|---|
References | () http://hpdoger.me/2018/08/23/Csrf%20in%20YFCMF%203.0/ - Exploit, Third Party Advisory, URL Repurposed |
Information
Published : 2018-09-04 00:29
Updated : 2024-11-21 03:52
NVD link : CVE-2018-16431
Mitre link : CVE-2018-16431
CVE.ORG link : CVE-2018-16431
JSON object : View
Products Affected
yfcmf
- yfcmf
CWE
CWE-352
Cross-Site Request Forgery (CSRF)