CSRF Vulnerability in BEESCMS 4.0 Allows Addition of Arbitrary VIP Accounts
CVE-2019-8347 · MEDIUM Severity
AV:N/AC:M/AU:N/C:P/I:P/A:P
BEESCMS 4.0 has a CSRF vulnerability to add arbitrary VIP accounts via the admin/admin_member.php?action=add&nav=add_web_user&admin_p_nav=user URI.
Learn more about our Web App Pen Testing.