CVE

CVE-2020-19889

admin

CVE-2020-19889

DBHcms v1.2.0 has no CSRF protection mechanism,as demonstrated by CSRF for index.php?dbhcms_pid=-70 can add a user.

Source: CVE-2020-19889

Exit mobile version