CSRF Vulnerability in Verydows v2.0 Allows Unauthorized Admin Account Addition

CSRF Vulnerability in Verydows v2.0 Allows Unauthorized Admin Account Addition

CVE-2019-7737 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

A CSRF vulnerability was found in Verydows v2.0 that can add an admin account via index.php?m=backend&c=admin&a=add&step=submit.

Learn more about our Web Application Penetration Testing UK.