CSRF Vulnerability in S-CMS PHP v1.0 Allows Unauthorized Addition of Admin User

CSRF Vulnerability in S-CMS PHP v1.0 Allows Unauthorized Addition of Admin User

CVE-2019-10237 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

S-CMS PHP v1.0 has a CSRF vulnerability to add a new admin user via the 4.edu.php/admin/ajax.php?type=admin&action=add&lang=0 URI, a related issue to CVE-2019-9040.

Learn more about our Cms Pen Testing.