CVE-2018-16448

Posted on 2018년 9월 4일2018년 9월 4일 by admin

CVE-2018-16448

Cscms 4 allows CSRF for creating a member via upload/admin.php/user/save, authenticating vip members via upload/admin.php/user/init/tid and upload/admin.php/user/init/rzid, and creating a super administrator and web editor via upload/admin.php/sys/save.

Source: CVE-2018-16448

답글 남기기 응답 취소